Fraudsters generated vast numbers of ad requests through Android apps built to evade scrutiny, resulting in significant financial gains.

Hidden advertising slipped past security researchers; Google has taken action, removing over 200 apps from the Play Store.

Fraudsters use detection-evading Android apps to generate billions of ad requests


Security researchers from Human have uncovered a sophisticated ad fraud scheme, dubbed 'SlopAds', whose deceptive Android apps were downloaded 38 million times worldwide. The scheme, characterized by multi-layered obfuscation and steganography, remained active until Google disrupted it by removing the 224 fraudulent apps from the Play Store. How long the scheme had been operating is unknown, and the number of affected apps kept increasing during Human's ongoing investigation.

The apps, most of which had AI references, were designed to avoid detection by security researchers. They activated their fraudulent mode only if the user had clicked on an ad for one of these apps and been directed to the Google Play Store to install it. If the app was found and installed via a search in the Play Store, the malicious routine was never activated. The fraudsters likely placed ads for their apps to avoid detection by security researchers, who typically do not click on ads.

Upon installation, an encrypted configuration was loaded via Firebase Remote Config. It contained links to over 300 fraudulent websites, JavaScript code for secretly downloading ads, and four PNG image files. Further code was hidden in these images using steganography. Before secretly downloading ads, the apps also searched for signs that they were being executed by security researchers. If none of the signs were found, the apps began downloading ads in a hidden WebView process. The ad requests were sent through multiple redirects to avoid providing suspicious referrers to the ad server.

Google has removed the 224 known apps from the Play Store and will prompt users to delete them. The researchers anticipate that the perpetrators will attempt a new, more sophisticated ad fraud scheme in the future.

It is estimated that these apps displayed 2.3 billion fraudulent ads daily, none of which were ever seen by anyone. The victims of this scheme are advertisers who pay for ads that no one sees, and app users whose bandwidth, processor power, and battery life are wasted. This serves as a reminder of the importance of cybersecurity and the need for continuous vigilance in the digital age.
