Pre-installed adware endangers mobile users
Kaspersky's analysis of attacks on mobile devices has revealed hat 15% of its users who were targeted by malware or adware last year suffered a system partition infection, making the malicious files undeletable.
In addition, when it comes to pre-installed default applications, depending on the brand, the risk of undeletable applications varies from 1% to 5% in low-cost devices, soaring to 27% in extreme cases.
A system partition infection entails a high level of risk for the users of infected devices, as a security solution cannot access the system directories to remove the malicious files. Kaspersky's researchers say this type of infection is becoming an increasingly common way to install adware, or software designed to display intrusive advertising.
“Infection can happen via two paths: the threat gains root access on a device and installs adware in the system partition, or the code for displaying ads gets into the firmware of the device before it even ends up in the hands of the consumer,” the company says.
The threats uncovered in the system directories included a variety of malicious programs – from Trojans that can install and run apps without the user’s knowledge to less threatening, but nonetheless intrusive, advertising.
In certain instances, adware modules were pre-installed before the user even received their device, which could lead to unwanted situations. For example, a lot of smartphones have functions providing remote access to the device, which if abused, could lead to a data compromise of the device.
Several vendors have openly acknowledged embedding adware in their smartphones, and some allow it to be disabled. However, there are others that don’t, and they pass it off as part of their business model to lower the cost of the device for the end-user.
Often, the user has little choice between buying the device at the full price, or a little cheaper with lifetime advertising, says Kaspersky.
Igor Golovin, a security researcher at Kaspersky, says the analysis demonstrates that mobile users are not only regularly attacked by adware and other threats, but their devices may also be at risk even before they bought them.
He says users don’t even suspect that they are spending their cash on what is effectively a pocket-sized billboard. “Some mobile device suppliers are focusing on maximising profits through in-device advertising tools, even if those tools cause inconvenience to the device owners.”
Golovin stresses that this isn’t a good trend, in terms of both security and usability. “I advise users to look carefully into the model of smartphone they are looking to buy and take these risks into account – at the end of the day it is often a choice between a cheaper device or a more user-friendly one,” he says.
To avoid risks prompted by adware on mobile devices, Kaspersky recommends users read product reviews before buying a device, and should the device be infected, to check for firmware updates or try to install alternative firmware, at their own risk.