The Fine Line between Malicious and Innocent Apps: Part 2
Malware has increased on mobile devices 900% since 2011. As dramatic as that number is, as we explained in part 1 of this post, your Android device is unlikely to become infected with malicious malware.
Nowadays, cybercrooks use more subtle and insidious techniques to steal money and personal data from you.
We explained about PUPs and snoopy apps that want too much information from you. Here are a few more sneaky methods that you should be aware of:
Information hungry ads
App developers are not the only information hungry players in the app game. Ad kits can be found in 80% of free apps. Ads are used to monetize free apps, just like websites display ads to monetize. Unfortunately, not all ad networks play fair. Some ad networks collect and share your personal data.
At the beginning of the year Rovio, maker of Angry Birds, came under fire for allegedly sharing user information with the NSA. They, however, denied this and stated that Ad Networks used by “millions of commercial websites and mobile applications” leaked information to the U.S. intelligence agency.
avast! Mobile Premium, the premium version of avast! Mobile Security, includes an Ad Detector feature. This feature provides full details of an ad network’s capabilities. Ad network permissions are mixed in with the app’s permissions, so it is difficult to differentiate where certain information is being sent and who is accessing your device. App downloaders should therefore always review app permissions thoroughly, as app developers are not the only players on the app’s field.
Empty promise apps
There are apps on the market that are not after your personal data, but are more interested in deceiving you for financial gain. These apps trick people into downloading something different than what they advertised. There are various ways this can be done with various levels of severity.
The most innocent of them being seemingly normal apps that when downloaded only display ads, not even offering the service they advertised. We found apps like this around the time of the World Cup. Games like Corner Kick World Cup 2014 displayed a white screen with ads popping up now and then. This is not necessarily malicious, but frustrating and annoying for the user. If the app had been called Ad Roulette it would be acceptable, but app developers gain a small profit from advertisers when users click on ads displayed within their app. Displaying ads continuously boosts the likelihood that users will click on the ads, thus increasing the app developer’s profit.
More malicious and misleading apps warn people that their device is infected, deceiving them into downloading either an app to remove the “virus” on their device or in some cases downloading actual malware. AVAST discovered an adult app, available on an underground app market that forced users to “scan their device for viruses.”. Subsequently, the app displayed a fake version of avast! Mobile Security, which in reality was ransomware that locked victim’s out of their devices until they paid up.
Apps that gain users by offering a solution to remove non-existent infections, on the other hand, may offer a legitimate app, like a security or other category of app, but the tactic they use to gain users is deceitful and unethical.
Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on Facebook, Twitter, Google+ andInstagram. Business owners – check out our business products.