I am analyzing a mobile application, and I am not sure if it is just an adware/g

Question

I am analyzing a mobile application, and I am not sure if it is just an adware/greyware or does it enter the category of malwares.

This app does not really do any harmful activity. But it forces user to install at least 1 advertised app, app does not get activated unless user installs advertised app. Developer did not mention this requirement on market. It also pushes ads in notification bar. These behaviors seem quite aggressive.

Application does not download any advertised app without user consent/interaction.

Can anyone please tell me if an app with such behavior should be considered greyware/adware or malware?

On virustotal, almost half vendors detect it as adware and other half as malware.

Explanation / Answer

App makers can use ad networks as a valid way to monetize their coding efforts. That, in and of itself, is not an indication of malware. The lack of disclosure of the 2nd install, at best, indicates a lack of integrity on the publisher's part, but again, is not necessarily an indication of malicious intent.

It is unfortunate that they require a secondary install to make that happen, but the original install is not automatically malware.

On the other hand, this type of "bait and switch" scenario is a great set up for delivering malware. If your scans indicate that the secondary install is malware, then you have your answer, and you should be wary.

Related Questions

Navigate

• Browse (All)
• Browse I
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.