Free Android rogue adware is growing

Today's social mobile computing devices have become more and more popular, and more and more cybercriminals are beginning to look to the mobile platform, but we are not familiar with the malware is their most commonly used pipeline. According to a report released Wednesday by mobile security firm Lookout , Android users are more likely to become adware and are not the victims of malware in the usual sense. This means that mobile advertising is slowly becoming a new conduit for attackers, and users just downloading apps from Google Play's official Android market can no longer prevent rogue malware.

After analyzing 200,000 Android apps after a sample survey, Lookout found that 6.5% of free apps are in line with the definition of malware and that they can push ads out of the app without the user's permission, typically through Message center or in the phone's main interface to add icons, and 6.5% of the free applications are in the Android application store.

According to Lookout's security product manager Jeremy Linden, more than 1 million U.S. Android device users have downloaded malicious adware in the past year. The chances of users installing rogue adware is far greater than the chance of installing malware or spyware. In April, Lookout also found that Android malware makers have developed an ad network SDK, BadNews, that allows malware to sneak into users' Android phones with apparently harmless software.

Linden said Lookout believes the advertising industry should meet the industry standard for mobile advertising and provide a basic code of conduct. Currently, the Digital Advertising Alliance has just started developing mobile privacy guidelines for its members, but the coalition has not rated Lookout's standards for rogue adware.

Lookout does not currently conduct a similar survey on apps in Apple devices, but an iOS app, ProtectMyPrivacy, lets users choose which data access is granted to the app. Crowdsourced to recommend to the user a reasonable application-specific permissions, but this can only be done on jailbroken Apple devices because Apple does not allow APPs to monitor each other's behavior on devices that are not jailbroken. To learn more about privacy protection assessments for iOS apps, visit this page on the ProtectMyPrivacy website.