Android Adware Breakdown: Benign Vs. Aggressive
Remember the old days when your PC was flooded by annoying pop-ups that sprung out of nowhere? That’s the type of aggressive adware that used to plague desktops and eventually caused system-wide errors. In some cases used to disseminate malware, such aggressive adware was a pain to remove and caused a lot of damage.
We got so used to seeing ads while surfing the internet or checking our mail that we become numb to pop-ups and banners. With the rise of smartphones, app developers have jumped at the opportunity of making money by integrating in-app ads.
Android apps that have been bundled with adware frameworks are common practice – some 90% of all free Android apps display promotional content.
Not all Android apps feature aggressive ads and, as such, we’ve categorized them as benign. What makes adware aggressive is that they can install additional shortcuts, display pop-up messages, and even send push notifications to your Android notification tray. Although benign adware is common as users often see small rollup messages while playing a free game or using some other free app, aggressive adware is gaining traction as a revenue source for developers.
Aggressive adware is present in 74.4% of the free apps we’ve analyzed and no notification is issued prior to downloading or installing them. Android’s app permissions system only displays system resources that can be accessed by apps, and not information about the type of adware that they come bundled with.
Some of the apps packed with aggressive adware involve titles such as “Sexy Kristen Stewart HD Live” or “Justin Bieber Live Wallpaper” and mostly tap hot topics such as artists or movie stars. Apps like these are not malicious in nature, meaning they’re not injected with malware nor they affect the performance of your device. It’s more like installing PC software that also offers to add a new toolbar to your browser or change your default search engine.
Some adware frameworks like AirPush or Plankton offer developers a plethora of options when it comes to customizing ads to be displayed and where to place them. Although AirPush also features SMS sending capabilities along with the ability to place calls (by using the SEND_SMS or CALL_PHONE permissions), it’s up to the developer whether to use them.
Plankton is also a legitimate advertising SDK for Android, but it cannot be considered adware in the traditional sense because its purpose is to generate revenue by ads that use the SDK. In that respect, Plankton behaves more like a library integrated by developers into their apps. However, once users install apps with the Plankton SDK built into them, a search icon will be displayed on their home screen, a bookmark link on their browser bookmarks will be added, and the default search homepage will be changed.
These two SDK’s are perfect examples of what aggressive adware is about and how it impacts your device. Since there are no regulations on the use of aggressive adware, more developers will probably start incorporating frameworks such as these to supplement their revenues.
Developers have already started to include descriptions like “This app is, brought to you totally free by monetization, ad supported and may contain ads in notification tray and/or home screen.” Android adware is pretty much as intrusive as it can get. The only way to break it down is by figuring out just how many frameworks have been bundled with the app and what other components are installed.
Bitdefender Mobile Security will give you a notification screen, telling you that you’re about to install an app we’ve categorized as “aggressive adware”.
All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.