Twitter to allow marketers to promote, distribute apps, could pose security concern

By Kyle Johnson,

In an effort to increase revenue from advertisers, Twitter will allow businesses to advertise and distribute mobile apps through users' timelines. This move could potentially put users at risk.

Since going public, Twitter has been looking for ways to grow revenue and advertisements through Twitter and the acquired advertising network MoPub would certainly help. Reuters reports that app developers have also been turning to social media more and more in an effort to increase their marketing reach for their mobile programs.

Twitter says that developers will be allowed to target users based upon their interests, of which the recently acquired data partner Gnip will likely provide help there. Facebook has already been doing app-install ads and CEO Mark Zuckerberg has touted them as a major source of revenue.

While that sounds good for Twitter, and maybe even users, PC World points out that the app-install ads could potentially be used for more malicious means. Attackers might be able to exploit the system to get at users and their private data.

"It isn't clear from the details available so far how app validation will be done and whether there is an opportunity for malicious providers to create ads and pay for distribution of their applications," James Lyne, Sophos' global head of security research, said. "There may be checks and balances there but how robust they are, we will have to see."

Part of the issue lies in that clicking on shortened URLs in Twitter posts have become so commonplace that that also could lead to opening up users to security problems. Shortened URLS make it difficult for people to see where they will be lead before clicking.

"These kinds of attacks are most successful when a pseudo-trusted Twitter account with many thousands of followers is compromised because users are already habituated to click," said Tim Erlin, director of IT security and risk strategy at Tripwire. "At that point, whether the link is to install an app or to a malicious website, the risk for compromise is the same."



Join Our Newsletter

Popular Threads