Mobile PUP

Short bio

PUPs take advantage of the mobile platform and the trusting nature of users to get an app installed that might have cool functionality but comes bundled with unwanted behaviors such as draining the battery, leaking data, and aggressive advertising. These apps aren’t necessarily malicious, but users might want to reconsider installing them due to performance hits or bad reputation.

History

Potentially Unwanted Programs have always been a part of the mobile ecosystem, and in recent years they’ve been emboldened by consumers’ tolerance of some advertising or resource hogging. Consumers have overlooked these behaviors in order to receive a free app, but app developers have been greedy and are using shady tactics to pull a fast one on their customers.

Common infection method

Infection occurs when an app is bundled with third-party libraries that contain intrusive advertising and other unwanted behaviors and interfere with the mobile experience. Advertising libraries have become the biggest offenders in this category by displaying intrusive ads. This includes ads that continually promote apps in the notification bar and through home screen shortcuts, or those that take up the entire screen until they’re dismissed.

Another issue these libraries pose is escalating app privileges beyond what the host app requires for functionality. This leaves users vulnerable to the third parties’ security holes.

Other PUP apps can contain rooting libraries, or be capable of sniffing WiFi connections or mining Bitcoin.

Associated families

Android/PUP.Adware.Airpush
Android/PUP.Adware.NoiconAds
Android/PUP.Riskpay.Xinyin
Android/PUP.Risktool.BitCoinMiner
Android/PUP.RiskTool.WifiScan
Android/PUP.Riskware.SMSReg
Android/PUP.HackTool.SmsBomber

Remediation

These apps can be uninstalled using the mobile device’s uninstall functionality. The tricky part is identifying the offending behavior and app. That is where anti-malware software can help by identifying and removing these apps.

Aftermath

The user will see aggressive advertising overtaking their mobile experience, batteries draining at a faster-than-expected rate, or identifying data being leaked.

Avoidance

Stick to trusted sources for mobile apps, and read app descriptions and reviews. If a permission list is available, review it as well and question why an app might need risky permissions such as sending SMS, access to contacts, and location.
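The permission review described above, and the earlier point about bundled libraries escalating privileges beyond what the host app needs, can be automated. The following is an added example, not part of the original page. It assumes the app's AndroidManifest.xml has already been decoded to text XML; the sample manifest, the package name and the `needed` set are constructed for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"

# Risky permission groups named in the text: SMS, contacts, location.
RISKY = {
    "sms": {"android.permission.SEND_SMS", "android.permission.READ_SMS",
            "android.permission.RECEIVE_SMS"},
    "contacts": {"android.permission.READ_CONTACTS",
                 "android.permission.WRITE_CONTACTS"},
    "location": {"android.permission.ACCESS_FINE_LOCATION",
                 "android.permission.ACCESS_COARSE_LOCATION"},
}

def requested_permissions(manifest_xml):
    """Return the set of permission names requested in a decoded manifest."""
    root = ET.fromstring(manifest_xml)
    perms = set()
    for elem in root.iter():
        # uses-permission-sdk-23 is the API 23+ variant of uses-permission
        if elem.tag in ("uses-permission", "uses-permission-sdk-23"):
            name = elem.get(f"{{{ANDROID_NS}}}name")
            if name:
                perms.add(name.strip())
    return perms

def audit(manifest_xml, needed=frozenset()):
    """Map each risky group to requested permissions that the app's stated
    functionality (the reviewer-supplied `needed` set) does not explain."""
    unexplained = requested_permissions(manifest_xml) - set(needed)
    findings = {}
    for group, names in RISKY.items():
        hits = sorted(unexplained & names)
        if hits:
            findings[group] = hits
    return findings

# Constructed sample: a flashlight app whose bundled library added permissions.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.flashlight">
  <uses-permission android:name="android.permission.CAMERA"/>
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <uses-permission android:name="android.permission.READ_CONTACTS"/>
  <uses-permission-sdk-23 android:name="android.permission.ACCESS_FINE_LOCATION"/>
</manifest>"""

if __name__ == "__main__":
    for group, names in audit(SAMPLE_MANIFEST, {"android.permission.CAMERA"}).items():
        print(f"{group}: {', '.join(names)}")
```

Any group that shows up in the result is a prompt to ask why the app needs it, not a verdict that the app is unwanted.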
