Nearly Half Of Mobile Apps Contain Pop-Up Ad Malware
Uggboy and Ugggirl / Flickr, CCSEATTLE -- Remember when pop-up advertisements inundated your PC browser? It's beginning to happen again, this time on smartphones and touch tablets.
Adware for mobile devices -- referred to as madware -- caught fire in 2012 and is expected to continue escalating this year.
That's because software application developers and online ad networks are scrambling to profit from the vast audience of mobile device users. So they are experimenting with intrusive forms of mobile advertising -- with no industry standards, nor U.S. privacy laws to constrain them, Internet analysts say.
"The problem is getting worse," says Paul Ferguson, vice president of threat intelligence at IID, a security firm that monitors Internet traffic. "App developers and ad networks want to make money, and the screening to keep out malicious actors is not adequate."
Antivirus giant Symantec has been tracking 1.5 million mobile apps for Android smartphones and touch tablets. It found a 210% increase in madware over the last nine months of 2012. Nearly half of the apps analyzed distributed madware, some issuing as many as 17 variants.
The nuisance factor typically kicks in after you download a free app. Madware appears in your calendar entries, photo albums and ringtones. One type inserts an audio commercial that triggers when you dial a call. You're forced to listen to the entire commercial before the call connects.
Another type continually inserts ad alerts in notification bars. "It becomes almost impossible to distinguish between the genuine alerts that you expect to see, such as calendar reminders, text message alerts and e-mail alerts," says Richard Clooke, a Symantec mobile security adviser.
Many free apps require consumers to divulge location information and personal data, which app developers and ad networks then use to concoct new ways to hook people and their contacts into a transaction. Another concern is that all of that harvested personal data can be accessed by spammers and identity thieves, says Giri Sreenivas, mobile manager at security firm Rapid7.
For now, mobile device users must bear the burden for policing madware. Experts advise them to carefully consider permission requests, search the Web for reports on suspicious apps; and make use of madware detectors, such as Symantec's free Norton Spot tool.