Mobile PUP

Posted: June 9, 2016

Short bio

PUPs use the mobile platform and trusting nature of users to install an app which might have cool functionality but comes bundled with unwanted features such as draining the battery, leaking data, and aggressive advertising. These apps aren’t necessarily malicious but users might want to reconsider installing due to performance hits or bad reputation.

History

Potentially Unwanted Programs have always been a part of the mobile ecosystem and in recent years they’ve been emboldened by the consumers tolerance of some advertising or resource hogging. Consumers have overlooked these behaviors in order to receive a free app but app developers have been greedy and are using shady tactics to pull a fast one their customers.

Common infection method

Infection occurs when an app is bundled with third-party libraries that contain intrusive advertising and other unwanted behaviors and interferes with the mobile experience. Advertising libraries have become the biggest offender of this category by displaying intrusive ads. This includes ads that continually promote apps in the notification bar and through home screen shortcuts, or those that take up the entire screen until they’re dismissed.

Another issue they pose is escalating app privileges beyond what the host app requires for functionality. This leaves users vulnerable to the third parties security holes.

Other PUP apps can contain rooting libraries, capable of sniffing WiFi connections, or Bitcoin mining.

Associated families

Android/PUP.Adware.Airpush
Android/PUP.Adware.NoiconAds
Android/PUP.Riskpay.Xinyin
Android/PUP.Risktool.BitCoinMiner
Android/PUP.RiskTool.WifiScan
Android/PUP.Riskware.SMSReg
Android/PUP.HackTool.SmsBomber

Remediation

These apps can be uninstalled using the mobile devices uninstall functionality. The tricky part is identifying the offending behavior and app. That is where anti-malware software can help by identifying and removing these apps.

Aftermath

The user will see aggressive advertising overtaking their mobile experience, batteries draining at a faster than expected rate, or identifying data being leaked.

Avoidance

Stick to trusted sources for mobile apps, and read app description and reviews. If a permission list is available, review it also and question why an app might need use of risky permissions such as sending SMS, access to contacts, and location.

Cybersecurity info you can’t do without

Want to stay informed on the latest news in cybersecurity? Sign up for our newsletter and learn how to protect your computer from threats.

Select your language