In the past, we have seen many methods used by mobile malware authors to install their nefarious software on mobile devices. Now, it has been found that many of these malware are using mobile ad networks to gain access to users’ devices.
Many ad networks come pre-packaged with malware and the apps developers are not always cognizant of. Developers usually side with such an ad network which is the highest bidder. Chances are that the highest bidding ad network is paying so much because it is fuelled with the money from malware authors.
In a recent case, a senior security analyst Wade Williamson found out that such shady ad networks are being used by a number of legitimate apps in many Asian countries. They are embedded in such networks and so, the malware are easily able to gain access, even to the most legitimate apps.
Once such a malware gains access to a user’s smartphone, it somehow installs itself on the device and then starts siphoning off money. To do so, the malware connects to a command-and-control server from where it receives instructions.
Most often, such a malware starts sending out premium messages from a smartphone and depletes the user’s balance. In certain cases, it can even be used to steal financial and other information from a user and then use it for other nefarious purposes.
According to Willaimson, this marks a new evolution in mobile malware and shows that malware authors are adapting newer, cleverer ways of having their way.