Mobile Ads abuse Android user permissions
Oct 29, 2012 - "... part of the Android user experience (is) that apps will ask for a long laundry list of permissions. Many apps will ask you to grant them network access so they can download updates. Others seek permission to read your phone’s state and identity so calls won’t disrupt them from doing what they’re doing. Unfortunately, these permissions can be abused for criminal intentions. Aside from apps abusing user’s permission, we noted a significant rise in the number of aggressive mobile adware... they pose serious threat to user’s privacy and serve as effective means to collect data, which can be used for suspicious purposes:
... unexpectedly and -without- warning from an official and safe source such as Google Play. The abbreviation ADW in the detection name indicates that the danger comes from adware... Here is a list of the data leaked from the Android device and sent to the servers of the company behind this module:
• The device’s IP address on all interfaces (i.e., both WiFi and mobile network)
• The device’s ANDROID_ID (unique 64-bit identifier for the device)
• The Android OS version
• The user’s location, as determined by GPS
• The user’s mobile network and their country code
• The user’s phone number
• The device’s unique ID (their IMEI, MEID, or ESN)
• The device’s manufacturer and version
The adware module also gathers other information stored on the device, such as any accounts registered on the device, together with the calendar and browser bookmarks. It also displays advertising outside of the app, such as push notifications. My colleague, Hayashi Noriyaki, noted that this practice of pushing notifications, e.g. displaying ads on the notifications bar, is an unwanted advertising method, which has been prohibited* by Google...
... In this case, the paid version of FLV Player with no ads is not considered harmful at all by our Mobile Application Reputation System (MARS), unlike the free version. However, the -free- version has been downloaded more than a million times – unlike the paid version, with only 1,000+ downloads. With just this one app, this ad module got information from more than a million users... Based on information from MARS and Google Play, at least 7,000 free apps use this particular advertising module. 80% of them are still available, and at least 10% of them have been downloaded more than one million times. It is not only Trend Micro that is worried about this advertising module. The Web of Trust community gave the advertising module’s servers a “very poor” reputation score, with a highest score of 17 out of 100. Community members also believe that this company is involved not just in spam (email or push notifications), but also phishing and other scams. In addition to taking the user’s personal information, these ads also display advertising in particularly annoying ways. Either notifications or an icon on the device’s home screen are used to serve ads to users. The apps themselves may not tell the user that these Android features may be used to serve them advertising. Users may find this needlessly annoying; in addition they may be hard to remove as it’s not always clear which app was responsible for the ads... be careful about all mobile apps they download, wherever they come from. This is particularly true for “free” apps, where in effect your information becomes payment for the app. For some people, this may be a worthwhile tradeoff – but this is something every user should decide for themselves, with a full appreciation of what is given up in return for something “free”..."
Exposing Your Personal Information – There’s An App for That
Nov 1, 2012
Nov 5, 2012
Edited by AplusWebMaster, 06 November 2012 - 05:40 PM.