Lookout calls out shady Android ad networks

If you own an Android phone, there's a small chance that you've downloaded an app with some questionable advertising tactics.

If you own an Android phone, there's a small chance that you've downloaded an app with some questionable advertising tactics. Now, mobile security firm Lookout is naming and shaming the ad networks involved.

Lookout's definition of adware includes any of the following behaviors: collecting personal information in an unusual manner, displaying ads outside of the app itself, or performing unexpected actions when the user taps on an ad.

According to Lookout, the ad networks that engage in one or more of these practices are LeadBolt, Moolah Media, RevMob, sellAring, and SendDroid.

Unexpected behavior from apps can be the most vexing. Some ad networks, for instance, show ads inside the Android notification bar, while others place unwanted icons on the Android home screen or unwanted bookmarks in the user's web browser.

This type of sketchy behavior has been around for years, so it's all the more frustrating that it's still allowed in the Google Play Store.

What's worse is that some of the ad networks who rely on these tactics make it tricky to stop receiving ad spam, even if the original app is uninstalled.LeadBolt, SendDroid, and AirPush(which was not mentioned in Lookout's report) require users to install a separate opt-out app or manually enter their device's unique IMEI and MEID numbers on a website. RevMob requires users to opt out of ad emails through links at the bottom of the message.

[Related: Most Android threats would be blocked if phones ran latest Android version, report says]

Google Play security tips

Lookout claims that 6.5 percent of Google Play apps contain one of the adware types described above. The firm estimates that more than one million American Android users have downloaded adware in the past year, and that the odds of new Lookout users having adware on their device is 0.9 percent. (I'd imagine that this figure skews higher than the overall base of Android users, as users of Lookout may download the app specifically to solve an adware problem.)

To avoid adware in Google Play, users should be most cautious with "Personalization" apps, such as those that download ringtones and wallpapers to the phone, 26 percent of which contain adware according to Lookout. Racing games and sports games also carry a relatively high risk, with 23 percent and 18 percent, respectively, containing adware.

It's always a good idea to check user reviews on an unfamiliar app for complaints about adware, and to read the app description itself, as some developers will be up-front about the intrusive ads in their apps.

Of course, you can always download Lookout's security app or adware scanner to help root out those shady ad networks as well, which may well be why Lookout is interested in the topic.

Join the CSO newsletter!

Error: Please check your email address.

Tags Business mobilityconsumer electronicsappsGooglesecurityLookoutsmartphonesAndroid

More about Google

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Jared Newman

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts