Symantec recently reported that 23.8% of all Google Play apps are potentially malicious -- up from 15% a year earlier. Big Yellow specifically referred to something called madware -- can you please explain what this is and the threats it poses?
Symantec Corp.'s Mobile Adware and Malware Analysis report from October 2013 documented the mobile application security threat of malicious ad libraries in the Android ecosystem. According to Symantec, madware refers to "apps that use aggressive ad libraries."
An advertising library is software that can be used to display advertisements from various sources, usually Internet ad networks. While most ad networks are benign, some are quite aggressive, mining users' sensitive information and asserting other privileges on a device, unbeknownst to the user. Android, along with other platforms, has a plethora of mobile apps that use advertising libraries to not only reduce the apps' development costs, but also monetize the free apps by including ads within them. Using third-party software libraries that are maintained by other developers allows a developer to focus on its application and minimize the time spent including ads in the app -- this is a very common practice in all areas of software development. However, it is quite possible that software developers do not know how aggressive the ad library is, nor the impact it will have on users.
Many people erroneously assume that the Google Play and Apple stores screen for potentially malicious apps that might violate their privacy policies or make their device insecure. The same assumption could be made of the software developers. Unfortunately, many times neither happens.
While the security threat to enterprises is currently minimal (according to Symantec, the malware it observed collects user data for the purpose of displaying targeted ads), madware could certainly be a precursor to future apps stealing sensitive data via third-party libraries. To best reduce the risk from madware, enterprises should create a custom enterprise app store where each app has been independently vetted and approved before being made available to employees. Furthermore, enterprise policy should make it clear that apps on company-owned devices should come from the app store, as should apps on any personally owned devices that access sensitive enterprise data.
Ask the Expert
Perplexed about enterprise security? Send Nick Lewis your questions today! (All questions are anonymous.)
Related Q&A from Nick Lewis, Enterprise Threats
Chameleon malware targets insecure wireless access points. Enterprise threats expert Nick Lewis explains how to defend against the malware.continue reading
The Zeus malware is threatening RTF security by embedding itself in the file, which is commonly seen as safer than other file formats such as PDFs. ...continue reading
Enterprise threats expert Nick Lewis explains how to detect and avoid one of the most advanced malware threats: The Mask.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.