Google announced the development of a new set of tools for game programmers that will allow for Android playable ads which may lead to security incidents.
Android Playable Ads Can Be a Security Concern
During the GDC conference in San Francisco Google announced a new option for Android game programmers – the ability to integrate playable ads. This is achieved with the help of a new set of gaming-related tools that the company has created for developers. The option is eagerly awaited by advertising professionals, as it opens up a whole new level of possibilities for them.
The new possibilities include an interactive advertising format that lets potential buyers play a lightweight version of a game when they see it advertised in another mobile application. Google’s idea behind the new addition is to boost game development and help programmers popularize their apps. An important fact is that these new ads will be compatible with HTML5. Such initiatives are also a catalyst for Android’s application ecosystem. An advantage for users is that this will make game discovery much easier. The new format will be brought first to over one million applications that are available on the Google Display Network in the coming months. We remind our readers that Google already offers advertisers many ways to display ads on its services and platforms, which include Google Play, YouTube, Google Search and others. To offer the best possible experience the company has also introduced an auto-flip feature which automatically changes the orientation of the displayed ads according to the phone’s position.
Possible Security Implications Of The Android Playable Ads
While the feature may be of interest to game programmers and advertisers, there are several ways in which it can be abused by hackers. The fact that the ads are going to be compatible with HTML5 means that code injection and malicious script modification can be used to conduct dangerous attacks against the viewers. Once we see a final working implementation we will be able to judge how well the model withstands possible hacker abuse. The Android mobile operating system is one of the most popular targets for viruses and all forms of malware.
In The Meantime: 132 Android Apps Infected with Malicious iFrame Links
Roughly at the same time that Google made the announcement, security researchers discovered that a total of 132 apps on the Google Play store were infected with iFrames that linked to malicious domains. According to them the mobile malware originated from an infected application development platform, without the developers actually knowing about the incident. All of the apps used the Android WebView component to display static HTML pages which are able to download dangerous payloads to the victim devices. At the time of the investigation the remote malicious domains were shut down. However, one of the apps was found to attempt to download and execute a malicious Microsoft Windows executable file. The infected apps themselves only requested the Internet permission and the ability to load interstitial ads. The iFrames are hidden in the infected HTML pages by setting the display attribute to “None” or by giving them a very small size. All of the 132 apps were found to belong to seven developers who do not appear to have any connection with each other, other than the fact that they are from Indonesia.
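The hiding technique described above (an iFrame with its display set to none, or with a very small size) can be checked for in the HTML files bundled with an app. The following is an added example, not code from the researchers or from Google; the 2-pixel threshold, the function names and the sample page with its example.invalid hosts are assumptions made for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

TINY_PX = 2  # assumed threshold: a frame this small is effectively invisible
def _px(value):  # '1' or '1px' -> 1; '100%', 'auto' or a missing value -> None
    m = re.fullmatch(r"\s*(\d+)\s*(?:px)?\s*", value or "", re.I)
    return int(m.group(1)) if m else None

class HiddenIframeFinder(HTMLParser):
    def __init__(self):
        super().__init__()
        self.findings = []  # list of (src, [reasons])

    def handle_starttag(self, tag, attrs):
        if tag != "iframe":
            return
        attr = {k: (v or "") for k, v in attrs}
        decls = (d.partition(":") for d in attr.get("style", "").split(";"))
        style = {p.strip().lower(): v.strip().lower() for p, _, v in decls}
        reasons = []
        if style.get("display", "").startswith("none"):
            reasons.append("display:none")
        for dim in ("width", "height"):
            px = _px(style.get(dim))       # inline style takes precedence
            if px is None:
                px = _px(attr.get(dim))    # fall back to the HTML attribute
            if px is not None and px <= TINY_PX:
                reasons.append(f"{dim}={px}px")
        # Report only hidden frames that load from a remote host.
        if reasons and urlparse(attr.get("src", "")).netloc:
            self.findings.append((attr["src"], reasons))

def scan_html(html):
    finder = HiddenIframeFinder()
    finder.feed(html)
    finder.close()
    return finder.findings

# Constructed sample page (not taken from any of the reported apps).
SAMPLE = """<html><body><h1>Recipes</h1>
<iframe src="http://tracker.example.invalid/a" style="display: none"></iframe>
<iframe src="http://cdn.example.invalid/b" width="1" height="1"></iframe>
<iframe src="https://video.example.invalid/embed" width="560" height="315"></iframe>
<iframe src="local.html" style="display:none"></iframe>
</body></html>"""

if __name__ == "__main__":
    print(scan_html(SAMPLE))
```

A scan like this only covers static markup; frames created or restyled by script at run time need inspection of the rendered page instead.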
Android Playable Ads Can Pose a Dangerous Threat
A very similar tactic can be used by malicious users once Android playable ads are introduced. Nowadays games and all other types of dynamic content rely on complicated code and multimedia – animations, text, photos and videos. Some experts have raised concerns over possible abuse of the upcoming ad platform, as it may lead to many similar incidents. We have identified two dangerous scenarios as possible:
- Delivery Of Games Made By Hackers – It is easy to create games that appear simple and fun and share them via the platform. We suspect that the hackers will attempt to launch such attack campaigns on a global scale.
- Trigger Infection – Hackers can deliver applications which can trigger a malicious component when a user has interacted with a playable ad. This strategy can help reduce the detection ratio.
Hopefully we won’t have to report any abuse and related security incidents.