Ad Networks and Smartphones
October 7, 2013
By Jack Walsh

Free mobile apps often come chock full of ads.  And it’s not just the free apps.  A surprising number of paid apps come with ads as well.  App developers typically link in one or more advertising network to monetize their otherwise inexpensive mobile apps.

Users are relatively tolerant of mobile app advertising.  That is until a mobile ad network in a seemingly benign mobile app distributes malware or exfiltrates sensitive user information without the user’s knowledge or consent.

Lookout, a mobile anti-malware provider, blogged about its discovery of BadNews, a new malware-ridden advertising network, and other providers in the security industry have made even more recent discoveries of malicious ad networks.

Unless a mobile ad network included in an app is known to be malicious, then detecting it isn’t trivial.  That’s because, it’s not so much the app as the ad server, that’s the culprit.  For all intents and purposes the app when analyzed may appear totally benign.  

As a result, apps with malicious ad networks are evading detection by software application security testing tools, mobile anti-malware solutions, and mobile app marketplaces like Google Play. ICSA Labs anticipate an increase in malicious mobile ad networks for the foreseeable future.

Comments

Post new comment

  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>

More information about formatting options

CAPTCHA
This question is for testing whether you are a human visitor to prevent automated spam submissions.
Image CAPTCHA
Enter the characters shown in the image.