GeoEdge on Twitter
GeoEdge on Linkedin

© Copyright 2016 GeoEdge Ltd.  |  All rights reserved  |  Privacy Policy  |  Terms of Service

GeoEdge on Twitter

Malvertising: A Profound Threat to Mobile Advertising

May 10, 2016

Mobile advertising is becoming THE digital advertising space. The global mobile advertising market will surpass $100 billion in spending and account for 50% of all digital ad expenses by 2016. Moreover, mobile ad spending will double between 2016 and 2019, reaching 195 billion dollars, accounting for 70.1% of digital ad spend. As the owner of a mobile app or site, these numbers are incredibly exciting, however, just as interest to place ads in the mobile sphere is growing, so is the interest in placing malware and malicious ads. 


What is Malvertising and How Fast Is It Growing
Online and app based ads are used to inject malware on to a user’s device. Unfortunately, malvertisements are fast becoming a massive problem. Symantec cites it as becoming the biggest malware vector and Alcatel-Lucent estimates that around 16 million mobile devices were infected by malware in the year 2014, showing parity with desktop infections. In 2015, IBM reports that 1.12 percent of mobile devices monitored by them exhibited an active malware infection. It is cleat that the infection rate on mobile devices has only increased. It is also clear that cybercriminals are moving into the mobile arena to propagate malware and malicious ad infections.

A Match Made in Malware Heaven

There are a number of factors that make mobiles prone to malware attacks. There, of course, is the basic logistics factor, where malware has two possible entry points on a mobile device – the browser and the apps that sit on the mobile OS. There is also the prevalence of poorly policed third party app stores, where malware-laden apps are available for easy download. Another factor is the increasing use of Potentially Unwanted Programs, or ‘PUPs’, that can hijack legitimate ads and be unknowingly downloaded when a user downloads a specific program or application. 

Malware uses a variety of tactics to get from an infected ad onto your phone; infected ads can come from an app, a browser banner, and also from a video ad. The malware inserts itself into your device memory and then tricks you into installing it, perhaps by displaying a pop up when you install other apps or app updates. In this situation, you have now unwittingly installed malware on your device; and even set permissions for it!

In the case of apps, ads are often displayed in the form of warning messages (you’ll no doubt have seen these when you use free apps in particular).  The anti-virus firm, Avast, discovered a form of this ad malware on Google’s Play Store in a widely installed game called Durak. The infected game started the malware-laden ad which it displayed as warning messages when users would unlock their Android phones.

It is worth noting that mobile app based malware in general is the domain of the Android OS and IOS is, so far, relatively malware free, with 97% of the mobile app malware space being Android based. This concurs with a more recent report that found almost 4900 new Android malware files, per day, in the first quarter of 2015 – an increase of 400 files, per day, over the same period in 2014. 


Brass Tacks: How Does Mobile Malvertising Work?
Once infected, there are possibilities of what can happen: 

One possibility is that you will be taken to a malicious website, often this occurs with an ad redirect action. For example, one, seemingly legitimate ad platform takes ad clickers to a pornographic sub-domain – which then offers an installer for another app. This app is malware and is set up to take money from the user. The 'ad virus' signs the user up to premium rate mobile services and once connected send premium rate SMS texts at a cost of 25c each. It all adds up and the user ends up paying a lot of money over the year.

Another possible result of a malicious ad is having personal data stolen. For example, certain malware will ‘observe’ user behavior to determine when to pop up certain interfaces that will then be used to steal banking login credentials.  

Mobile Ad Security Stops the Malicious Advertising
Malware doesn’t just cause financial losses, it also causes reputational loss – malware infecting potential customers could result in a devastating impact for a brand.  

It is clear that an ad tool solution needs to be implemented to stop cybercriminals from exploiting the mobile advertising space. The right ad management tool can be the mobile ad scanner; it can pinpoint malvertising campaigns and trace the source, helping to protect users as well as the company brand from any potential blowback. With the right solution, not only can a brand be able to isolate potential malware issues, they can ensure only good ads and safe ads for users. 


Malvertising is a profound threat to advertiser and publisher ROI in mobile ads. But whether the ad is HTML5, MRAID, rich media, and even Flash, the GeoEdge solution, protects publishers, platforms, and exchanges from possible threats, for display, mobile and video campaigns. GeoEdge prevents breaches of malvertising and other company policies and the malware scanner and ad scanner alerts you for items like latency, high CPU, auto-redirect, sound autoplay, offensive content, competitive vertical, among many others. Find how just how many other ways GeoEdge can protect you now.


Please reload

Please reload

Browse Posts By Tags
Popular Posts
Please reload