Eurecom Highlights Apps That Ping Tracking Websites Without User Knowledge

May 4, 2015 - Written By Justin Diaz

When you think about the ads within the apps and games you use on your smartphone, you may think nothing more of them than that they provide a stream of revenue for the developers of those free apps. In many cases, this is all the ads do: show you content, which can generate clicks, which can in turn generate revenue for the app developers. Sometimes the apps that users download can be sneaky though, and those ads can also be linked with multiple different types of websites, including ad-related sites, tracking websites and in some cases even websites that at some point were related to malicious activity in some way.

These discoveries come by way of the French security research team Eurecom, who broke down the details of these findings by taking a look at a total of 5,000 different applications spread across each category in the Play Store, selecting the top 100 newest and top 100 most popular from each set. As there are 25 different categories within the Google Play Store, Eurecom analyzed 200 from each. After researching these apps, they found multiple instances where the applications were talking back and forth with ad-related, tracking, and “suspicious” websites known at one point to be associated with malicious activity.

Eurecom uses an app called Music Volume EQ as an example, stating that it connected to over 2,000 distinct URLs when it has no reason to do so, since it is an app designed merely to give you more control over your music volume and shouldn’t require a connection to any domains. This was one application of many found to be doing the same thing, although the rest were not communicating on quite so massive a scale: around 10% of the 5,000 tested apps were found to be pinging back and forth to around 500 different ad-related sites, with 90% of those ad domains being run by Google. The tracking sites were less prominent according to Eurecom, although among the apps that did communicate with tracking sites, the communication was more aggressive than that of the apps pinging the ad domains, as some of these apps were pinging over 800 domains (Eurosport Player, for example, pinged 810 user-tracking sites altogether). In addition to happening without user knowledge more often than not, this activity can also be a drain on your battery, according to Eurecom. As Eurecom believes users should be aware of this kind of activity, they have created their own application, called NoSuchApp, which can detect these types of apps and alert users to them.