Scroll down to learn more about GeoEdge's ad security and verification solution!
GeoEdge University

Malvertising in Mobiles

There are a number of factors that make mobiles prone to malware attacks. There, of course, is the basic logistics factor, where malware has two possible entry points on a mobile device – the browser and the apps that sit on the mobile OS. There is also the prevalence of poorly policed third party app stores, where malware-laden apps are available for easy download. Another factor is the increasing use of Potentially Unwanted Programs, or “PUPs,” that can hijack legitimate ads and be unknowingly downloaded when a user downloads a specific program or application. 

Malware uses a variety of tactics to get from an infected ad onto your phone; infected ads can come from an app, a browser banner, and also from a video ad. The malware inserts itself into your device memory and then tricks you into installing it, perhaps by displaying a pop up when you install other apps or app updates. In this situation, you have now unwittingly installed malware on your device, and have even set permissions for it.

In the case of apps, ads are often displayed in the form of warning messages (you’ll no doubt have seen these when you use free apps in particular).  The anti-virus firm, Avast, discovered a form of this ad malware on Google’s Play Store in a widely installed game called Durak. The infected game started the malware-laden ad which it displayed as warning messages when users would unlock their Android phones.

It is worth noting that mobile app based malware in general is the domain of the Android OS and IOS is, so far, relatively malware free, with 97% of the mobile app malware space being Android based. This concurs with a more recent report that found almost 4900 new Android malware files, per day, in the first quarter of 2015 – an increase of 400 files, per day, over the same period in 2014. 

Once infected, there are two possibilities as to what can happen: 

One possibility is that you will be taken to a malicious website. For example, a seemingly legitimate ad platform takes ad clickers to a pornographic sub-domain – which then offers an installer for another app. This app is malware and is set up to take money from the user. The “ad virus” signs the user up to premium rate mobile services and once connected sends premium rate SMS texts at a cost of 25c each. It all adds up and the user ends up paying a lot of money over the year. Another possible result of a malicious ad is having personal data stolen. For example, certain malware will “observe” user behavior to determine when to pop up certain interfaces that will then be used to steal banking login credentials.  

Mobile ad security stops the malicious advertising. Talk to us if this is what you need.