More and more unknown third parties gaining access to personal details.
Privacy risks posed to consumers by aggressive advertisers are on the rise, after new research from antivirus solutions provider Bitdefender found that many are breaching user privacy by uploading phone numbers to third-party entities.
The research, which examined 130,000 popular free Android apps, revealed that 12.87 per cent were found to collect and broadcast users’ phone numbers without providing explicit notification.
Furthermore, of the apps analysed, location data and personal email addresses were also accessed and distributed to third parties by 12.03 per cent and 7.72 percent, respectively.
“The thin line between aggressive advertisers and malware is getting blurrier,” said Catalin Cosoi, Chief Security Strategist at Bitdefender. “While malware may steal passwords and other credentials, aggressive advertisers may collect everything else. Although violating user privacy raises serious concerns, the risk of having collected data used for malicious purposes is greater than most people imagine.”
Over the past five months, adware targeting Android devices jumped to 61 per cent worldwide, while malware increased by 27 per cent and adware in the US grew by 35 per cent, according to a study by Bitdefender Labs.
Meanwhile, the number of Trojan reports saw a 37 per cent spike in December 2012.
The sharpest spike for adware came between November and December, with an increase of 34 per cent.
Trojans saw a gradual increase from September to January, before dropping a couple of percentage points in February.
With adware being utilised to collect as much sensitive information as possible, the line between legitimate software and actual malware is becoming increasingly blurred. Despite not being inherently malicious, adware can collect phone numbers, contacts, and email addresses that are broadcasted to third-party services or sold to the highest bidder. And, according to Bitdefender, the underground market greatly values such data, as it can be used by marketers to profile users.
Furthermore, the firm revealed that the top ranking Trojan family has been reported as FakeInst, which scams users by asking them to pay for apps that would otherwise be free. If the user agrees, it then sends SMS messages to premium-rated numbers, which then ramp up their phone bills.
With regards to aggressive adware, the Android.Adware.Plankton family was found to be the most prevalent, with developers utilising the framework to monetise their operations. Adware is also able to collect personal information, such as email addresses and phone numbers. The more adware frameworks bundled with an app, the more intrusive it becomes, as it broadcasts the user’s data to several third parties.