Mobile gadgets are less susceptible to malware attacks than desktop computers, but they are shaping up to make an environment increasingly targeted by threat actors. No wonder – the user base and attack surface are potentially huge, which is a lure that crooks couldn’t possibly ignore. The app called Leadbolt is an Android adware sample that exemplifies this rising trend.
What is Leadbolt?
Leadbolt is a mobile advertising platforms built to facilitate ad delivery. The main officially declared goal of said solution is to get merchants and advertising entities together on the product promotion job. There is technically nothing wrong about such a mission – in fact, the service is one of many. However, numerous users have been leaving unfavorable feedback regarding Ads by Leadbolt that tend to get very annoying. These unwelcome objects pop up all of a sudden, sometimes occupying the entire screen of an infected Android device. To top it off, intrusive adverts may be embedded in web pages the victim surfs to. Not only do these items irritate target users, but they also affect the performance of a contaminated smartphone or tablet and may become a privacy concern.
Ads powered by Leadbolt typically make an appearance on a device after the user installs some free app from resources other than the official Google Play store. The architects of these malvertising campaigns usually employ application bundling to distribute affiliated products. The scheme is as follows: you find a freeware solution, such as a video makers or file downloader, and install it thinking it’s a great match for your current needs. The trick is that these apps are installed alongside third-party programs. Some of the accompanying utilities may end up causing trouble, as is the case with Leadbolt and its associates. At the end of the day, the potentially unwanted program slips inside without clear authorization, which is definitely not the way a regular applet will propagate.
Having completed the trespass, the Ads by Leadbolt virus automatically gains high-level privileges on the Android gadget. It usually creates several icons on the home screen, linking to an affiliated search provider and something like an app downloader. The list of linked-to services may vary, though. Ultimately, the victim will be bound to constantly close obnoxious ads and large splash screens. Another issue is that the adware will harvest the user’s personally identifiable information in the background. In normal mode, Leadbolt and related tools may not show up on application manager, so the troubleshooting requires booting into safe mode. See below for more details.
Leadbolt ads removal
What you need to do is uninstall the application that’s causing trouble. As it has been mentioned, however, disabling and removing the virus in regular mode is to no avail, so the steps below are must-follow.
1. Boot the device into safe mode
– Press and hold the Power button until the respective screen pops up
2. Now tap and hold the option that says Power off. Depending on the vendor and the phone model, the methods can vary. If nothing happens as a result of the above manipulations, power down the device, then press and hold the Volume Down and Volume Up buttons simultaneously while it’s starting back up.
3. Confirm rebooting into safe mode by tapping OK
4. When in safe mode, go to Settings and select Apps
5. Look down the list of programs and locate a suspicious app or apps that were recently installed
6. Tap each potentially unwanted app in turn and select the Uninstall option. If this button is not active, try Force stop first
7. Tap OK on the confirmation dialog to uninstall the potentially unwanted app
8. Restart into standard mode. The Leadbolt ads should have now vanished from your Android device. You might also want to consider installing a mobile security solution to prevent attacks of this sort further on.