tinder-app-vulnerability-2Growth hacking and app spam are two of the latest security threats and also a very prevalent issue in the world of mobile security.

Firstly, let’s look at growth hacking. In principle of the growth hacking concept is to aggressively growth hack via a legitimate download to an individual’s mobile device. This sort of app spam could also fall under the ‘aggressive’ growth hacking umbrella; however it does so in a quite subversive manner that’s often unknown to the user.

So, what is Growth Hacking?

Growth hacking via app spam can most commonly be seen in messaging apps. The behaviour in this regard more often than not involves unauthorised invites being sent to the downloader’s address book or contacts. It’s very similar to plenty of other viruses we’ve seen historically via email and in other areas. The person who downloaded the app most likely has little or no control or notice that this is happening and it often occurs against their permission.

This sort of app spam is also more common than a lot of people imagine and a lot of well renowned and very common messaging services use this form of hacking. An interesting blog post on Glide is quite insightful and provides interesting information on the subject.

Mobile Security and Spam

According to the information gathered by Adaptive Mobile, a number of communication apps have used spam techniques to send large numbers of invitations to contacts of those who installed the app.

Of all the messages monitored Glide accounting for 57%, followed by Tango, Pixer, Chat App Meow and Skout. The 57% of the messages detected from Glide was 10 times the number sent by Facebook and Whatsapp – which truly places the figures in perspective.

Google’s Efforts

Google has tried to limit the amount of this sort of app spam and of April altered its Android developer’s policy to try and address the issue.

However, it seems that’s not the end of the issue. Even, though there was a drop in the numbers of messages sent following Google’s changing guidelines, Glide has found a manner in which to circumvent the rules and regulations using Bit.ly and then Bit.ly and 301 redirects to certain sites. Bit.ly has taken action on this app spam a number of times, though Glide continues to find new ways to send these messages.

It’s quite an interesting issue and one that will no doubt cause long term problems for Glide. However, it’s a good example of how this sort of app spam is being used to Growth Hack.

App spam on Tinder

There have also been a number of instances of apps spam on the popular dating app Tinder. Tinder is a mobile social media dating app that involves people connecting with other people within their geographic proximity based on how interested they are.

However, there have been a number of reports of app spam here too.

In the case of Tinder spam accounts engage a person using a bot, which will redirect a user to a web landing page for a cam session with fronted by the image of the girl they thought they were talking to. If the user accepts the invitation to watch they are then sent to a sign-up page that requests personal information and a credit card number.

Of course, there are a number of glitches with the bots in the tinder instance, but it’s still an increasingly common form of app spam.

Both of these instances provide interesting information and there should be plenty of thought for security companies who will want to find security solutions to these types of app spam in the future.