Privacy taking a backseat? Adware on Android on the rise

Adware targeted at devices running Google's Android operating system has increased 61 percent globally, security software maker Bitdefender says.

Adware used to gather everything from address book contacts to text in SMS messages grew worldwide by 61 percent during a five month period ending this past January, Bitdefender's research found.

"With adware gleaning more user data from people's devices than they would normally need to and developers bundling more than one adware framework into their apps, user privacy is increasingly taking a backseat to profit for developers and advertisers," said the Bitdefender report obtained by "TechHive Wednesday.

"More and more unknown third parties now have access to user browsing history, phone numbers, email address and everything they need to compile comprehensive and personalized user profiles," it added.

Adware growth rates vary by region, the report notes. The growth rate in the United States, for example, was 35 percent.

It's not just adware that's on the rise, according to Bitdefender; malware aimed at Android users also increased during the five month period by 27 percent.

As might be expected, adware pushers were very active during the holiday season. More than half the increase for the entire five month period came in November, during the run up to Black Friday and Cyber Monday holiday shopping period.

"While adware is not inherently malicious, it can collect phone numbers, contacts, and email addresses that are broadcasted to third-party services or sold to the highest bidder," the study notes. "The underground market greatly values such data as it can be used by marketers to profile users."

Personal information isn't the only kind of data vulnerable to adware peekers, Bitdefender says. With a growing number of personal devices doubling as work machines, company information could also be gleaned from a phone by adware.

Adware is often added by developers to an app so they can offer it for free while still earning some money from it, explained Liviu Arsene, a mobile threat researcher at Bitdefender who wrote the study.

"What users don't know and many developers don't care about is how adware frameworks work," he told TechHive.

An adware "framework" is a package of code a developer can plug into his app to perform tasks for an advertiser. Those tasks could be placing ads on the app's screen or spamming a user with nagging popups.

"They also collect tons of data that they don't need," Arsene said. "It doesn't matter if the app needs the data or not. It just collects it."

One reason many Android developers resort to adware is because paid apps aren't very popular with Android users, according to Dirk Sigurdson, director of engineering for Mobilisafe at Rapid7 in Boston.

"The likelihood of customers paying for an application is very low in the Android market, especially compared to the iOS market," Sigurdson said.

Android's method for granting permissions to apps to collect data from a phone also contributes to aggressive harvesting of information by adware, he added.

Android shows you a list of permissions that an app wants, but it's an all-or-nothing proposition, forcing a user to read a laundry list of permissions.

"Most of the time a user will download the application, ignore the list of permissions and just click OK," Sigurdson said.

Security firms have been warning Android users for some time about the dangers posed to privacy by adware and malware. Some of those warnings have been dismissed by critics who say the firms are out to sell software by hyping the dangers involved.

Join the CSO newsletter!

Error: Please check your email address.

Tags consumer electronicsGooglesecuritysmartphonesAndroidprivacybitdefender

More about GoogleRapid7

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by John P. Mello Jr.

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place