The seriousness of the adware threat came to a head last week, when Google removed apps from its Play Store for being linked to an aggressive ad network containing serious vulnerabilities. Security firm FireEye found flaws in the ad library that could be used by cybercriminals to create a mobile botnet, snoop on user devices or steal account credentials. The ad network, which wasn’t named, pushed out an update fixing the flaws and some apps dropped support of the ad library, FireEye said.
A Google spokesperson contacted by CRN said the company removed the apps for violating the Play Store terms of service and declined to comment further. If an app has app ads, those ads are held to the same Play Store policies agreed upon by developers in Google’s Play Store Terms of Service and program policies. Automated and manual checks ensure that apps abide by policies.
The percentage of apps containing aggressive adware increases each year, Symantec said. In 2012, about 15 percent of apps seen in Google Play included adware. By the end of June, Symantec said it identified 23.8 percent of apps containing aggressive advertising tactics. Third-party app stores contain the bulk of the Android malware and the most aggressive advertising networks, Symantec said.
Developers that use aggressive advertising libraries are more apt to connect to multiple advertising networks, Symantec said. The use of two ad libraries increased from 32.2 percent in 2011 to 35.5 percent in 2012, and it grew further to 43 percent in 2013, the study found.
Some apps identified as adware simply annoy the user by showing ads in the notification bar or playing a voice ad when making a phone call. In addition, roughly a quarter of the apps identified as adware by Symantec collect the device phone number or prompt the user to install other apps. More than two-thirds of ad libraries collect device information, such as its IMEI number or phone producer and model.
PUBLISHED OCT. 29, 2013