Adware on Mobile Devices an Evolving Privacy Threat

本文探讨了移动设备上的广告软件(PUPs),特别是Toplank(又名Counterclank)如何未经用户同意收集敏感信息并发送到远程服务器。文章还提到了开发者未明确告知用户壁纸应用含有广告支持的问题。

摘要生成于 C知道 ,由 DeepSeek-R1 满血版支持, 前往体验 >

Potentially Unwanted Programs (PUPs) are often legitimate software that pose a risk to users’ privacy or systems. A reasonably secure–or privacy-minded–user may want to be informed of the presence of certain PUPs and in some cases remove them. One very common type of PUP is adware, which exists to make revenue through advertising. Some adware is merely annoying but others could ignore or violate a user’s privacy by collecting and transmitting sensitive information to others without the user’s consent. Adware is well-known in the PC world and is becoming more prevalent now on mobile platforms (due to the fact that more developers are able to distribute their own applications from a central source like the Android Market).

The recent PUP Toplank (a.k.a. Counterclank) is an example of how aggressive mobile advertising in the Android world can be. The basic installation behaviors may be bad enough for some users. For example, Toplank adds bookmarks and home-screen shortcuts and makes home-page modifications without adequately informing the user or gaining consent to do so. More disturbing is what it does after it is installed. Recently, during the analysis of suspicious live wallpaper available in the Android Market, I found an advertisement module similar to Toplank’s in the sense that, once the PUP executes, it adds a shortcut in the home screen without the user’s consent:

However, at the same time in the background the following sensitive information is sent to the remote server ad.leadboltapps.net:

In addition to the “normal” sensitive data (OS version, IMEI, geographical location, and phone number) collected by several mobile-advertisement SDKs, this PUP also collects and sends the IP address of the device (which could be internal if the device is connected via network address translation or external if it is using the mobile network). This information, along with the exact identification of the device with the IMEI, could represent a privacy violation to some users. In addition, the developer does not clearly state in the Android Market that the wallpaper is ad supported:

The developer offers an option in Settings to disable notification ads. However, even if the option is disabled, the data has already been leaked and the user can do nothing to stop it.

Adware for mobile devices is constantly evolving and becoming very aggressive, invasive, and even dangerous to our privacy. If you have enabled PUP detection (which is enabled by default), then McAfee Mobile Security for Android detects this adware as Android/LdBolt.A. 

http://blogs.mcafee.com/mcafee-labs/adware-on-mobile-devices-an-evolving-privacy-threat 

评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值