Increasingly virulent adware threatens Android user privacy
Two ad networks, AIRPUSH and ADWLEADBOLT, indicative of the trend toward privacy abuse, says Trend Micro
By Antone Gonsalves
November 05, 2012 — CSO — New generations of adware targeting Android smartphones are increasingly violating user privacy by grabbing personal information and using it without permission, a new study shows.
Although most adware is designed to collect some user information, the line between legitimate data gathering and violating privacy is starting to blur, finds a report released Monday by Trend Micro.
The trend is said to be due to the increasingly aggressive behavior of advertising networks that offer mobile app developers a variety of ways to display ads.
Ads contained within an app are considered legitimate; as long as the app developer discloses the personal information used to display advertising that is most relevant to the recipient.
The process becomes a privacy issue when app developers take more information than they originally asked for and then sell it to ad networks.
"These aggressive apps can force your device to leak more information than what's necessary, which can become a privacy and security risk," said Tom Kellerman, vice president for cybersecurity for Trend Micro.
[See also: Web still king, but email stages scam comeback]
Trend Micro identified two ad networks, AIRPUSH and ADWLEADBOLT, that it said were indicative of the trend toward privacy abuse. The networks use the information collected from unsavory app developers to send ads outside the app in the form of notifications. Viewing the notification opens the phone's Web browser and sends the user to the advertiser's website.
Profit is behind the move toward unethical data-gathering practices. App developers store an Android user's personal information in an ad library, which is made accessible for a price to ad networks. Data that can help build the most effective targeted ads has the most value.
A study by researchers at North Carolina State University and the Technical University Darmstadt, Germany, found that some ad libraries contained call logs, account information or phone numbers. "Such information can be used to deduce the true identity of the user, enabling more comprehensive tracking of the user's habits -- at the cost of all pretense of privacy," the researchers said.
Hackers often know the apps that gather excessive amounts of personal data and will write malware capable of siphoning off the information, Kellerman said.
"These aggressive apps are usually poorly constructed," he said. "Not poorly in terms of functionality, but poorly in the sense of security and they become a beachhead [for malware]."
Along with the privacy threat, adware also damages the operation of the smartphone by making it run slower and drain battery power. A study by Purdue University and Microsoft found that as much as 75% of the energy used by free apps is from third-party advertisement modules.
Trend Micro also found that the number of malware targeting Google's Android platform is continuing to soar. The number of malicious apps went from 30,000 in June to nearly 175,000 in September, a sixfold increase.
The openness of the Android platform has made it a favorite target for malware. The quality and security of apps depends on the online market, which may not vet software before it is made available.
Android malware is a particular problem on markets based in foreign countries. In August, Argentina, Kuwait, Russia, India and Brazil, respectively, were the top five countries with the highest risk of malware download.
Read more about wireless/mobile security in CSOonline's Wireless/Mobile Security section.