Hacking category

Mobile advertisers use malware tricks to get installs

Deceptive advertising targeting Android users is an effective way of getting malware installed. Now some advertisers are using it to get paid through pay-per-install schemes.

We’ve written about advertisers misleading users with scary “you are infected” ad pop-ups in order to get installs of a certain security app and we also know malware uses these tactics.

Lately, we’ve been seeing more and more of this, but this time advertisers are using these banner and pop-up ads to get installs of more trustworthy apps like Dolphin browser.

The messages are less scary than the virus related ones, but they are still meant to get your attention.

It seems a bit backwards but it’s all about making money, ad developers are just as greedy as malware authors–just not as malicious.

Anytime during your mobile browsing experience, if you encounter one of these pop-ups or similar just ignore and it’d probably be best to leave the site displaying them.

Don’t fall for these messages, Android won’t use web pop-ups to inform you of updates, they’ll be handled through a system notification and apps will update via Google Play Services.

Using a tool like Adblock Plus which will filter URL traffic can help prevent most of these ads. Adblock Plus is a third-party app, will require a bit of configuration and only blocks WiFi traffic.


On iOS you won’t see the warning pop-ups, instead you’ll immediately be redirected to the peddled apps App Store page.

If, by chance, you’re interested in installing one of these apps go directly to your trusted source for apps.

By following the redirect you might be going down another rabbit hole and end up getting malware instead of the original.


Armando Orozco

Senior Malware Intelligence Analyst

Faux geek who likes to keep it bland. Experienced in behavioral, PC, and mobile technologies.