Avoid third-party sites, says BitDefender The advertising embedded on some free Android apps is getting more aggressive and there is no easy mechanism for users to detect the issue before downloading programs, security firm BitDefender has reported. Typical forms of nuisance behaviour include creating homescreen shortcuts, altering default search engines and using up memory and processor cycles in ways that degrade performance. Some also push important messages from other apps into the notification tray.Surprisingly, a number of apps featuring such adware are also hugely popular which suggests that either users don’t object to their effects or simply don’t notice them.Examples offered by BitDefender include Ant Smasher, installed 50 million times from Google’s Play store or its previous incarnation, the Marketplace. On third-party sites, the same app comes with nuisance adware. Another offender was Network Signal Booster, which in the version found on third-party sites bombards users with ads and messages in the style of PC adware of old.Both of these examples were downloaded from third-party sites rather than Google Play, so is this a problem that comes from using dodgy sites? For the most part, yes, although BitDefender did find one app on Google’s own site, Galaxy S3 Go Launcher Ex, that loaded unwanted shortcuts while changing the default search engine without permission. This had been downloaded 500,000 times, the company said.“Aggressive adware was once limited to desktop and laptop computers but the latest findings from the Bitdefender Labs suggest the same scenario is playing out in the mobile device landscape,” claimed BitDefender’s chief security researcher, Catalin Cosoi.“Android’s permission system includes no details about adware or the resources it might access, making it hard for users to spot aggressive adware behaviour until the app has been installed or an antivirus solution has flagged it.”Beyond this, adware morphed quite quickly into straight malware.The top UK adware was Adware.Mulad.A, accounting for about 30 percent of detections in August followed by Trojan.FakeDoc.A, better known as the battery management utility Battery Doctor’.The latter was unambiguously malicious, intercepting emails and SMS messages for broadcast to the attacker’s server. Related content feature Top cybersecurity M&A deals for 2023 Fears of recession, rising interest rates, mass tech layoffs, and conservative spending trends are likely to make dealmakers cautious, but an ever-increasing need to defend against bigger and faster attacks will likely keep M&A activity steady in By CSO Staff Sep 22, 2023 24 mins Mergers and Acquisitions Mergers and Acquisitions Mergers and Acquisitions brandpost Unmasking ransomware threat clusters: Why it matters to defenders Similar patterns of behavior among ransomware treat groups can help security teams better understand and prepare for attacks By Joan Goodchild Sep 21, 2023 3 mins Cybercrime news analysis China’s offensive cyber operations support “soft power” agenda in Africa Researchers track Chinese cyber espionage intrusions targeting African industrial sectors. By Michael Hill Sep 21, 2023 5 mins Advanced Persistent Threats Cyberattacks Critical Infrastructure brandpost Proactive OT security requires visibility + prevention You cannot protect your operation by simply watching and waiting. It is essential to have a defense-in-depth approach. By Austen Byers Sep 21, 2023 4 mins Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe