Seen Ad Pop-up’s in Your Mobile Browser Lately?

by Armando Orozco

Today, one of our Webroot SecureAnywhere for Android users reported seeing ad redirections while browsing on his Android device. As we began investigating, we noticed that there were a lot of other mobile users seeing the same thing – yes, on their iPhones as well! We were also able to reproduce the behavior on our devices.

This appears to be a clever Ad redirection using JavaScript. The pop-ups are survey offers for free electronics like iPads and iPhones. The users are asked to complete a survey, at the end of which their email address and phone number is also recorded. I know we’ve all seen these pop-ups before, but we’re not used to seeing them in our mobile world.

These pop-ups are not related to any apps you may have installed – they are a result of how the web page was written. Web developers use “alert()” function in JavaScript, which displays a message box requesting response from a user. The advertisers utilize this method to display their ads.

We are still investigating this issue and hope to track down the advertisers responsible. There does not appear to be anything malicious about these pop-ups for the time being, but we are sure malware authors will employ this tactic soon. With the rash of Rogue Applications and the recent discovery of a Rogue AV app (blog coming soon), we can see how this method could be exploited with malicious intent. Again, these are not platform or application-specific behaviors.

To remedy these pop-ups, you can disable JavaScript in your browser settings.

Thanks to JohnDeth of our Webroot Community for bringing this to our attention.

One thought on “Seen Ad Pop-up’s in Your Mobile Browser Lately?

  1. Hi, I am very curious on finding the companies these ads are being served from. Do you have any idea? how can I duplicate these ads being shown?

    Thank you,


Join the Conversation

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s