This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

Aggressive adware and PUPS 'increase vulnerability to malware'

Share this article:

Apps that exploit users for advertising revenues and in-app purchases worsen mobile phone performance and collect unnecessary data, potentially increasing vulnerability.

Aggressive adware and PUPS 'increase vulnerability to malware'
Aggressive adware and PUPS 'increase vulnerability to malware'

Android mobiles are increasingly being targeted by Potentially Unwanted Programs (PUPs), often offered through legitimate channels, but which mislead people and then bombard the user with aggressive advertising and in-app purchases, as well as taking unnecessary amounts of personal data.  As a result they also impact phone performance, but they are not officially designated malware as the user has initially requested their installation.  

The leading offender is adware, which aggressively and persistently presents advertisements and exploits the OS or other software to force the device to advertise in a questionable manner.  Secondly, there are more generalised PUPS, a broader category which includes apps which seek suspicious permissions beyond their advertised function, impact device performance, use vulnerable code or operate dubious in-app purchases. 

Marcin Kleczynski, CEO at Malwarebytes told SCMagazineUK.com in an email, “Not only are these pieces of software annoying and needlessly expensive, but they can end up seeing personal data put to dubious use. Aggressive advertising and sneaky pay-to-play schemes in particular are on the increase.  In the beginning there were few offenders, but there are now a number of SDKs on the market which make it easy to create multiple variants, as well as bundle these together in a single app.”

Armando Orozco, senior malware intelligence analyst at Malwarebytes  explained that these apps are asking for permissions which are way beyond what is actually required by the host app itself, commenting:  “Typical examples of the types of privileges they seek are things like access to a person's contact book, the ability to write history and bookmarks, the ability to create shortcuts without explicit permission and even being able to send SMS.”     

As these types of apps aim to drive revenues games are a very popular area for these types of SDK to be found, but they can be in any category where ads can be specifically targeted, so anything from productivity to adult themed apps are exploited.  Orozco adds: “Often there are apps with three or more of these SDKs bundled, not just adding to the bloat but potentially exposing the user to vulnerabilities that lay in the SDKs code.  Malware could potentially exploit that security hole to access the user's device.”

In response, today Malwarebytes has launched a new version of its Anti- Malware Mobile which has added PUP protection and will give people an option to automatically detect and block these dubious apps.  Given the nature of such apps, the classification of an app as a PUP will initially be made by a human researcher. The software will still allow scheduling of updates over WiFi, social sharing of the app with friends, features French translation and allows users to send feedback and request new features. 

Google is reported to have been working to address this situation by altering  its developer policy so that developers are required to announce if their adware uses push  notifications or makes changes to the system, by requiring a EULA to be presented and offering an opt out. “This has made it a little more difficult to operate and has removed some overly aggressive apps, but it has to tread a very fine line,” says Orozco.

Share this article:

SC webcasts on demand

This is how to secure data in the cloud


Exclusive video webcast & Q&A sponsored by Vormetric


As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.


View the webcast here to find out more

More in News

VC cyber security funding tops £850 million

VC cyber security funding tops £850 million

A new study from US-based research firm CBI Insights reveals that corporate cyber security investments have risen five-fold since 2009, with 30 percent growth in the last year alone.

Russian/Chinese cyber-security pact raises concerns

Russian/Chinese cyber-security pact raises concerns

News that Russia and China are set to sign a cyber-security treaty next month have left Western cyber experts unsure whether it is a threat or a promising development.

UK police arrest trio over £1.6 million cyber theft from cash machines

UK police arrest trio over £1.6 million cyber ...

London Police have arrested three suspected members of an Eastern European cyber-crime gang who installed malware on more than 50 bank ATM machines across the UK to steal £1.6 million.