Softpedia
 
HomepageWindowsGamesDriversMacLinuxScripts buttonMobileHandheldNews

NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
MEET THE EDITORS >>
Home > News > Security

June 27th, 2011, 17:27 GMT · By

Android Malware Delivery Techniques Used for Advertising Fraud

SHARE:

Adjust text size:


Legit Android apps repackaged with advertising components
Enlarge picture
Security researchers warn that application repackaging, a technique commonly used to distribute Android malware, has started being used in advertising fraud schemes.

It's already well known that Android malware distributors are taking legit apps that appeal to users and repackage them together with trojans.

The rogue apps are then distributed from unofficial app markets or even Google's official application store, as it happened numerous times until now.

Compared to the original apps, the rigged ones request more extensive permissions which are required for the malicious components.

It seems the technique works so well that it has attracted the attention of other types of cyber crooks as well.

"We've been seeing a rash of repackaged applications posted on the official Android Market," security researchers from Finnish antivirus vendor F-Secure note.

"Android apps are written in Java, and so they have a very low threshold for cloning, there are no real barriers to reverse engineer them," they explain.

However, in one particular case, the cloned app did not have any malicious code in it. Instead, it had an additional module which displays advertisements during its runtime.

"Presumably, the point of the repackaging is to include the advertisement module, with the developers gaining some kind of monetary reward when users view or click through the ads being displayed," the researchers say.

In this case, as expected, the cloned app was a very popular one, with between 1 million and 5 million installs to date. However, it wasn't a paid one. Cracking and repackaging paid apps would make them even more attractive to users, but it would also probably make it more easily for the original developers to spot them.

It's not clear how much money a single app can generate - probably not much - but automating the process for a large number of applications is most likely profitable.

TELL US WHAT YOU THINK:

1,599 hits · Link to this article · Print article · Send to friend · Subscribe to news

MUST-READ RELATED ARTICLES:


New Android Malware Packs Encrypted Root Exploits
More Infected Apps Pulled from the Android Market
Trojan Distributed as Android Market Security Update

READER COMMENTS:



No user comments yet.
Be the first to express your opinion!
Copyright © 2001-2012 Softpedia. Contact/Tip us at

WindowsGamesDriversMacLinuxScriptsMobileHandheldNews

SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   UPDATE YOUR SOFTWARE   |   ROMANIAN FORUM
© 2001 - 2012 Softpedia. All rights reserved.
Softpedia® and the Softpedia® logo are
registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use