Mobile malware, as its name suggests is malicious software that specifically targets the operating systems on mobile phones. There are a number of factors that make mobiles prone to malvertising. There, of course, is the basic logistics factor, where malware has two possible entry points on a mobile device – the browser and the apps that sit on the mobile OS. There is also the prevalence of poorly policed third-party app stores, where malware-laden apps are available for easy download. Another factor is the increasing use of Potentially Unwanted Programs, or “PUPs,” that can hijack legitimate ads and be unknowingly downloaded when a user downloads a specific program or application.
How malware infects your phone
Malware uses a variety of tactics to get from an infected ad onto your phone; infected ads can come from an app, a browser banner, and also from a video ad. The malware inserts itself into your device memory and then tricks you into installing it, perhaps by displaying a pop up when you install other apps or app updates. In this situation, you have now unwittingly installed malware on your device, and have even set permissions for it.
In the case of apps, ads are often displayed in the form of warning messages (you’ll no doubt have seen these when you use free apps in particular). The anti-virus firm, Avast, discovered a form of this ad malware on Google’s Play Store in a widely installed game called Durak. The infected game started the malware-laden ad which it displayed as warning messages when users would unlock their Android phones.
What happens once your mobile has been infected
Once infected, there are two possibilities as to what can happen:
One possibility is that you will be taken to a malicious website. For example, a seemingly legitimate ad platform takes ad clickers to a pornographic sub-domain – which then offers an installer for another app. This app is malicious and is set up to steal money from the user.
The “ad virus” signs the user up to premium rate mobile services and once connected sends premium rate SMS texts at a cost of 25c each. It all adds up and the user ends up paying quite a lot of money over the year. Another possible result of a malicious ad is having personal data stolen. For example, certain malware will “observe” user behavior to determine when to pop up certain interfaces that will then be used to steal banking login credentials.
Every publisher’s highest priority is producing high-quality, engaging content. When your site is performing well, malicious ads can easily sound like “someone else’s problem.” But no publisher is immune — you’re safe only until the first attack on your inventory. Then, suddenly, security becomes an emergency job. Mobile ad security stops malicious advertising — and publishers are the last line of defense. Today, the task of malware protection goes far beyond the end user. The most dangerous attacks come from the least obvious sources.
Malvertising is big business for criminals all over the world — it allows them to make money off of your inventory, your traffic, and your reputation.Keeping malvertisers away from publishers’ inventory calls for vigilance across the entire ad supply chain. But regular monitoring — even if it happens at every point along the chain — is not enough. Reacting to malvertising attacks after the fact is not enough. You need real-time, proactive solutions for real-time, unpredictable attacks.
Real-time detection and blocking of any malicious ads, and airtight QA automation, is the only surefire ad security strategy for publishers. These methods pinpoint known threats in the ecosystem, identify new threats, and prevent the clean-up that follows an attack.
