He explained that the in-app ad libraries, which are provided by Google, Apple or other third-parties, retrieve advertisements from remote servers and run the ads on a user's smartphone periodically. Every time an ad runs, the app developer receives a payment. However, the research team warns that the practice opens up potentially serious security holes because the ad libraries receive the same permissions that the user granted to the app itself when it was installed. This occurs regardless of whether the users were aware that they were granting permissions to the ad library.Earlier today we reported about a paper that found that ads in free smartphone apps are major battery drainers, researchers from Purdue University in Indiana discovered that in some cases up to 90 percent of an apps' power consumption was caused by ads.
...
The paper warned, "These ad libraries pose security risks because they offer a way for third parties - including hackers - to bypass existing Android security efforts. Specifically, the app itself may be harmless, so it won't trigger any security concerns. But the app's ad library may download harmful or invasive code after installation."
Researchers: Half of Google Play apps pose security risk
Posted on Tuesday, March 20 2012 @ 20:35 CET by Thomas De Maesschalck