Mobile threats under the guise of adult content doubled in 2019

Nigeria battles mobile malware storm
Image: Shutterstock

Self-isolation has prompted changes to many aspects of everyday life. With ‘stay at home – stay safe’ being the new motto for 2020, and adult content platforms experiencing an influx of visitors, security risks in this field have never been so relevant.

The review of 2019 threat activity done by Kaspersky researchers demonstrated that the number of mobile users attacked by adult content grew two-fold in 2019, reaching 42,973 users compared to the 19,699 who were targeted in 2018.

Adult content, just as is the case with other types of entertainment, remains one of the most prominent ways malefactors try to infect devices. Moreover, due to its rather sensitive nature and the reasonable desire amongst users to keep their browsing experience private, adult content remains of particular interest to cybercriminals. While various schemes involving phishing, spam and even various sex-related ransomware have been around for years, cybercriminals do not stop at that and continually work on expanding attack vectors and perfecting the methods of those attacks. 

With the rise of mobile devices that can be used for virtually anything – from work to entertainment – porn-related mobile threats are becoming more relevant as well. To learn more about mobile threats related to illicit content, a check was conducted on all files disguised as adult videos or adult content related installation packages for Android and ran 200 popular adult content tags against this database. The analysis showed results for 105 tags in 2018 and for 99 tags in 2019, demonstrating that not all adult content is used by cybercriminals to target their victims. Additional analysis demonstrated that content that can be rated as violent was hardly ever used for spreading malware.

Even though less tags were used to spread threats disguised as porn in 2019, the number of users attacked by mobile porn-related threats and potentially unwanted applications doubled – reaching 42,973 users attacked compared to 19,699 in 2018. Interestingly, the opposite trend was witnessed for the PC-threats, which dropped by almost 40%.  

Advertisement software, used to show and redirect users to unwanted advertising pages, remains the most prominent mobile threat both in variety and in the number of attacked users. Out of the top 10 porn-related threats for mobile users in 2019, seven belonged to this class of threat.

Most users have been targeted by advertisement application detected as AdWare.AndroidOS.Agent.f, with 35.18% of mobile users targeted by it in 2019. This type of threat is typically distributed through various affiliate programs, which has a purpose to earn money per installation or for the victim to download malicious applications.

“As users are becoming more mobile, so are cybercriminals. We have seen that although PC malware distribution has been dropping, mobile malware is on the rise. While we have not witnessed many changes in the techniques used by cybercriminals, statistics show that this topic remains a steady source of threats and users need to be aware of that, taking steps to protect access to the valuable data they keep on their devices,” comments Dmitry Galov, security researcher at Kaspersky.

“One cannot ignore how these attacks abuse user privacy as well – with data leaks and personal or private information being sold on the dark market for very small fees. Cybercriminals are now able to cross-reference various leaked databases of users, and hence make more informed decisions about the attacks, making them targeted rather than random, and hence, more effective. Users need to take more serious steps to protect themselves than ever through applying advanced security measures and educating themselves on handling their own data on the web and evaluating what risks their exposure entails” concluded Galov.