PUAs are not technically malware, and should not be considered as such. As Vanja Svajcer, principal virus researcher at SophosLabs notes, they are "borderline" malicious, but they do provide some benefit to the users. So should AV vendors detect them? And how should they classify them and what should they do with them?
In this podcast recorded at Virus Bulletin 2013, Svajcer talks about their efforts to create a mobile PUA taxonomy that would be accurate and helpful to all the stakeholders in the mobile environment, and especially the end users.
Press the play button below to listen to the podcast: