Malware detections surge from “COVID Bounce”

After a pandemic lull in 2020, malware aimed at individuals and organizations surged in 2021, according to a report released last week by cybersecurity software maker Malwarebytes. Year-over-year, overall malware detections jumped 77%, the report noted, with business-focused threats rising 143% and consumer threats climbing 65%, to more than 152 million.

The report also noted that spyware detections on Android phones surged 1,600% at the beginning of the pandemic, but growth tapered off in 2021, with 54,677 detections of Android monitoring apps during the period, a 7.2% increase, and 1,106 detections of spyware apps, a 4.2% increase. However, the report found that while overall numbers for monitoring and spyware apps were up, detections have declined since their peak in 2021.

Concern about stalkerware isn’t limited to Android phones, the report added. In 2021, Pegasus spyware infected iPhones used by journalists and government officials, enabling surveillance of their locations and data. Average users also began struggling with the pros and cons of Apple-developed location trackers—AirTags—that enabled potential victims to be silently monitored by perpetrators, the report added.

Sophisticated adware cripples devices

Adware, though, dominates the Android malware landscape, with nearly 80% of detections related to it. While adware is often considered more of a nuisance than a threat, that isn’t always the case. “Adware can be a catalyst to install additional threats on a phone,” Malwarebytes Labs Head of Thought Leadership Adam Kujawa said.

“More sophisticated adware can cripple devices, requiring full device factory resets or preventing users from accessing corporate accounts and applications,” says Kristina Balaam, a senior threat researcher at Lookout, a mobile cybersecurity company. “Some adware can exfiltrate more sensitive data about the user and their device as part of their campaigns. While it’s less likely that an adware family will severely compromise an enterprise in the same way that a surveillance application or ransomware sample could, they can disrupt devices or collect more data than is necessary about an enterprise’s…