Mobile Ad Networks Puncture Your Personal Defenses

Tired of pesky ads popping up while you’re using your favorite mobile apps?

That should be the least of your worries. As it turns out, mobile ad networks and affiliate programs are unknowingly advertising much more than they bargained for.

In fact, the code used by advertisers and other third parties for mobile tracking can be exploited to provide attackers with access to your personal data, or even the ability to take control of your mobile device.

But how, you might ask, did these ad networks get their hands on your personal data in the first place?

When a mobile ad company implements a marketing program through advertisements within a mobile app, all of the permissions that you originally granted the app itself are grandfathered in. So, if the app is able to access your photos or emails, the ad company will also be able to see that information.

Our experts at McAfee Labs™ noted in their recent report that a top mobile threat to be on the watch for in 2015 stems from the rise in open and commercial mobile malware source code.

This increase in commercial, malicious code makes it easy for even those with limited technical knowledge to pose a threat. In other words, you don’t have to be a stealthy hacker to exploit vulnerabilities in the code behind free mobile apps that are supported by ad networks.

Once hackers have successfully taken advantage of these vulnerabilities, they might as well have your phone in their hands. Every action from tracking your device to making phone calls or rewriting and deleting your files becomes available to the hacker.

Now, on to the ‘so what’ for you: what can mobile users do to keep these ad networks from puncturing their personal defenses? We’ve got a few quick tips that if followed, are sure to keep your personal information just that—personal.

  • Take note of the permissions you are granting each of your mobile apps. Does app X really need access to your photo library, or can it run just as efficiently without it? Only grant mobile apps extra permissions if they absolutely require them in order to function.
  • If an app is requesting permissions you aren’t comfortable with, don’t install it. Following suit with the above, usually mobile users must be willing to agree to a few permissions prior to downloading an app. So, if there are certain asks that seem fishy or unnecessary, find an alternative app to download.
  • Be vigilant in securing your mobile device. If you want to protect your personal privacy, this is the place to start. McAfee® Mobile Security is free for both Android and iOS and offers widespread protection for your privacy. Including a feature that notifies Android users if downloaded apps are accessing things they shouldn’t be.

Stay on top of the latest consumer and mobile security threats by following @IntelSec_Home on Twitter and like us on Facebook.

lianne-caetano