查看文章

Mobile users are increasingly becoming targets of malware infections and scams. In order to curb such attacks it is important to know how these attacks originate. We take a previously unexplored step in this direction. Numerous in-app advertisements work at this interface: when the user taps on the advertisement, she is led to a web page which may further redirect until the user reaches the final destination. Even though the original applications may not be malicious, the Web destinations that the user visits could play an important role in propagating attacks. We develop a systematic static analysis methodology to find ad libraries embed in applications and dynamic analysis methodology consisting of three components related to triggering web links, detecting malware and scam campaigns, and determining the provenance of such campaigns reaching the user. Our static analysis system identified 242 different ad …