Cyber criminals are targeting popular mobile applications to turn a profit by stealing and recoding them to include advertising.
This is according to Timothy Armstrong, a security expert at Kaspersky Lab, who says that while this tactic is new, a large volume of Android malware has used it. “It is effective because users are often familiar with the name of an application, which increases the possibility that victims will trust and install the app,” he adds.
Armstrong says a developer on the Android Market stole an app called ElectricSleep and incorporated ad spam code. The developer then uploaded the app to the market under the same name.
Armstrong says one sign of tampering was in the permissions list, which is different to the one on the original app. The stolen app asks for access to the cellphone user's location, while the original does not. “The location information is probably used for demographic information, so that they have an idea of where the install base lives,” Armstrong suggests.
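The permission comparison Armstrong describes can be automated. The following is an added example, not code from Kaspersky Lab or from either app: it assumes both manifests have already been decoded from the APK's binary format to text XML, and the package name, labels and permission sets are constructed sample data.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
LOCATION_PERMISSIONS = {
    "android.permission.ACCESS_FINE_LOCATION",
    "android.permission.ACCESS_COARSE_LOCATION",
}

# Constructed sample manifests (hypothetical app, not the real ElectricSleep files).
ORIGINAL_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.sleeptracker">
  <uses-permission android:name="android.permission.WAKE_LOCK"/>
  <uses-permission android:name="android.permission.VIBRATE"/>
  <application android:label="SleepTracker"/>
</manifest>"""

CANDIDATE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.sleeptracker">
  <uses-permission android:name="android.permission.WAKE_LOCK"/>
  <uses-permission android:name="android.permission.VIBRATE"/>
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION"/>
  <application android:label="SleepTracker"/>
</manifest>"""

def requested_permissions(manifest_xml):
    """Return the set of permission names a decoded manifest requests."""
    root = ET.fromstring(manifest_xml)
    perms = set()
    for tag in ("uses-permission", "uses-permission-sdk-23"):
        for node in root.iter(tag):
            name = node.get(ANDROID_NS + "name")
            if name:
                perms.add(name.strip())
    return perms

def compare_permissions(original_xml, candidate_xml):
    """Diff a candidate build's permissions against the known-good original."""
    original = requested_permissions(original_xml)
    candidate = requested_permissions(candidate_xml)
    added = candidate - original
    return {
        "added": sorted(added),
        "removed": sorted(original - candidate),
        "location_added": sorted(added & LOCATION_PERMISSIONS),
        "suspicious": bool(added),  # any new permission warrants manual review
    }

if __name__ == "__main__":
    for key, value in compare_permissions(ORIGINAL_MANIFEST, CANDIDATE_MANIFEST).items():
        print(f"{key}: {value}")
```

A permission difference is only a prompt for review, since legitimate updates also add permissions.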
Moreover, according to Armstrong, a pay-per-install library was added to the stolen app. He says the library is part of a software development kit from a company called Airpush. He explains that Airpush drives advertisements to cellphone users, creating an income for app developers. In this case, he says, the income goes to the developer who stole the original app.
According to Airpush's Web site, developers earn $10 CPMs and more. Here, CPM refers to cost per M, or thousand impressions.
Uneducated consumers
Ambrose explains that mobile ecosystems appear to be curated by the operator and the operating system hosting the app stores. He says that, as a result, consumers do not give any thought to the threat of malware and will agree to any terms and conditions included in the app.
Ambrose also warns that with the increased smartphone spread, attacks on personal and business information will increase exponentially. “I don't believe the networks and the operating system vendors, with the exception of Apple, are doing enough to educate and protect the public,” he stresses.

