4:11 PM
Unknown
Posted Monday, January 30th, 2012 at 9:56 am by Antonio Wells Comments
Recently, anti-virus & anti-malware company Symantec alerted the public of Android.Counterclank and categories it as a very low threat Trojan that steals personal information; which infected more than 5 million people. Mobile threat and anti-virus company Lookout posted in their blog and disagreed with the assessment. They felt it was “an aggressive form of ad network and should be taken seriously.” Symantec illustrates the software identifies your device unique IMEI and sends the details off to an unknown host without your knowledge or consent. Lookout’s perspective took notice of the potential malware as a nuisance that adds “Search” icons to your homescreen, adds bookmarks to browser and pushes ads in your notification bar. However, I have my own opinion on this and would like to label it as sneaky “Adware“!
I have been following this particular variant of software for a month prior to the breaking news, however, needed more information to gather an assessment. Whatever you want to call it; malware, adware or crapware, I estimate more than 10 million have been infected. My experience with the software came from installing free MP3 downloader apps such as MP3 Music Download Pro, MP3 Music Download V2 and Easy Mp3 Downloader for review; in which these 3 apps have a combined minimum total of 12 million downloads.
With a new medium bursting with opportunity to take advantage of unsuspecting suckers there will always be those that gain and lose. Introducing the rise of creative mobile ad networks… these ads are designed to help developers monetize their apps and allow advertisers to reach consumers while the ad network benefit from the collaboration; the mechanism of delivery however is shady.
My theory started when I actually noticed two types of icons placed on the homescreen, two vendors for “Search” and one for “Market”. I’ve noticed the Apperhand search page (which I found was powered powered by InfoSpace search aggregator upon deeper investigation) and the AirPush ad network search page. These search icons bring you to a page that looks similar to Google’s mobile search page, an unsuspecting user might just use it thinking it’s Google’s. When you use the search it does give results, however, riddled with sponsored ad results meant to confuse the user into clicking.
I hope this serves as enlightenment for the general public to stay more vigilant about the apps the install onto their devices. As we have learned from past security scares, thoroughly looking at the permissions an app request may not be enough. I would personally predict this behavior will only increase as more ad network spring up to monetize the space or as more people take advantage of opportunities. To get rid of the adware you would have to delete the suspecting app that installed it as simply deleting the “Search” or “Market” icons from your homescreen or Browser bookmarks wont stop the annoying push notification bar ads.
Have you noticed these ads? Share your experience in the comments below!
Updating...
