Code-level analysis reveals the fact that android ad SDK is virus-driven

The younger brother did not work. He started to do some gadgets on the Android platform earlier, and made a little money by inserting the advertisement SDK in the software. Some early stages of the advertising platforms had good profits. Later, the amount of unterminal deductions on the platform became more abnormal, and the user experience gradually deteriorated. As a result, my software was obviously uninstalled. But these are not the main reasons why I disband my studio. What I want to say is that the android advertisement industry is very deep, and there are too many invisible secrets in its back. Now that I am leaving, I am not afraid to reveal the truth.

This makes it easy for Android users not only to experience the effects of frequent pop-up psoriasis advertisements, but also to protect their privacy and economic interests. We hope relevant departments will pay attention to the social hazards and strengthen management and control! So much nonsense.

This is a technical post. In order to take care of the readers who do not like to read the detailed process, I will directly draw a conclusion at the beginning: the numerous domesticAndroid advertising allianceSDKAlready virus-infected,Push AdvertisementAnd collect the user's mobile phone number, wireless network card, and geographical location information.Personal privacy, AndMobile phone traffic and powerResulting in sustained consumption. Literacy: What is an advertisement SDK? The so-called advertisement SDK is familiar to Android Developers. In their own applications, package the SDK for advertisers and use traffic for Money.

For example, if the software you download is an elevator, the advertisement SDK is the LCD advertisement screen in the elevator. Elevators without LCD screens can also run. Visible. The ad SDK is not part of the normal function of the mobile APP.


Analysis start:




The century is one of the largest advertising platforms in China. The so-called world is generally black, it is used as an example.
I downloaded the latest advertisement SDK (version 1.6.6) from the official website of the century and obtained the following analysis results:


Fact 1: the universal century SDKYou can create shortcuts and bookmarks on your mobile phone.This shortcut is not a program shortcut, but a shortcut that can point to a link. It is actually an advertisement.Don't be surprised if you suddenly have some icons on your desktop, probably because the software you install contains a universal SDK..The Code is as follows:
















Fact 2: the universal century SDKCollect User GPSLocation information and network card MACAddressIt provides a function module for obtaining GPS positioning information. It grants the "ACCESS_FINE_LOCATION" permission and calls this function module to obtain the user's GPS positioning information.












As shown above, if GPS Positioning fails, you can use the network to locate the problem. Weibo and Momo users often know that Network Positioning is quite accurate. The advertisement SDK obtains the mac address of the Wi-Fi network card, grants the "ACCESS_WIFI_STATE" permission, and calls this function module to obtain the mac address of the user's wifi network card.








Fact 3: The Universal century SDKPop-up notification bar ads, collect phone numbers, and ad pop-up implement advanced cloud ControlThere are two ways to push advertisements in the notification bar: manual and automatic. The automatic mode is controlled by the developer. Here we do not analyze the ads. Here we only analyze the "manual mode:








Request sent: http://push.wapx.cn/action/push/ad? App_id = login & udid = 351863042869674 & imsi = 460002678523065 & mid = 13888888888 & net = internet & loc = & app_version = 4.0 & sdk_version = 1.6.5 & device_name = sdk & device_brand = generic & y = platform & device_type = android & OS _version = 2.3.3 & country_code = US & language = en & cid = 87rsk1bkpni2alfp6mng7ia04dr17qea & act = angq. hitship. mainAct & channel = 91 & device_width = 240 & device_height = 320 & at = 134 6836332349 this includes the user's mobile phone number. Do you know why there are too many harassing text messages and calls. Half of the software installed on your mobile phone has built-in ad plug-ins. The ad plug-ins will take away your mobile phone number and take it for a while. You just need to use your heel to get it. Ad code downloaded by the ad plug-in from the cloud:








This is the final display content of the AD plug-in. Of course, it can be changed in 10 minutes. If you want to push anything, you can push it. The user's Android phone becomes an advertisement machine. Of course, the majority of advertising fees are earned by advertising alliances like wanpu. Who doesn't want to make money in vain? We, the miserable little developers, swear for advertisers. You cannot live yourself.