Symantec recently reported that 23.8% of all Google Play apps are potentially malicious -- up from 15% a year earlier....
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
Big Yellow specifically referred to something called madware -- can you please explain what this is and the threats it poses?
Symantec Corp.'s Mobile Adware and Malware Analysis report from October 2013 documented the mobile application security threat of malicious ad libraries in the Android ecosystem. According to Symantec, madware refers to "apps that use aggressive ad libraries."
An advertising library is software that can be used to display advertisements from various sources, usually Internet ad networks. While most ad networks are benign, some are quite aggressive, mining users' sensitive information and asserting other privileges on a device, unbeknownst to the user. Android, along with other platforms, has a plethora of mobile apps that use advertising libraries to not only reduce the apps' development costs, but also monetize the free apps by including ads within them. Using third-party software libraries that are maintained by other developers allows a developer to focus on its application and minimize the time spent including ads in the app -- this is a very common practice in all areas of software development. However, it is quite possible that software developers do not know how aggressive the ad library is, nor the impact it will have on users.
Many people erroneously assume that the Google Play and Apple stores screen for potentially malicious apps that might violate their privacy policies or make their device insecure. The same assumption could be made of the software developers. Unfortunately, many times neither happens.
While the security threat to enterprises is currently minimal (according to Symantec, the malware it observed collects user data for the purpose of displaying targeted ads), madware could certainly be a precursor to future apps stealing sensitive data via third-party libraries. To best reduce the risk from madware, enterprises should create a custom enterprise app store where each app has been independently vetted and approved before being made available to employees. Furthermore, enterprise policy should make it clear that apps on company-owned devices should come from the app store, as should apps on any personally owned devices that access sensitive enterprise data.
Ask the Expert
Perplexed about enterprise security? Send Nick Lewis your questions today! (All questions are anonymous.)
Dig Deeper on Malware, Viruses, Trojans and Spyware
Related Q&A from Nick Lewis
Conficker malware was found in a German nuclear power plant computer system. Expert Nick Lewis explains the possible impact of malware infections of ...continue reading
OneSoftPerDay, an adware program can install backdoors on PCs, is able to avoid detection from antimalware tools. Expert Nick Lewis explains how to ...continue reading
The hot-patching feature in Windows servers is vulnerable to attacks from APT groups. Expert Nick Lewis explains what hot patching is and how to ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.