In an ongoing effort that started in 2019, as many as 75 apps on Google Play and 10 on the Apple App Store have been found to be involved in ad fraud scheme.
The most recent attack wave, code-named Scylla by online fraud-prevention company HUMAN Security. It follows similar attack waves that occurred in August 2019 and 2020 and are known, respectively, as Poseidon and Charybdis.
The apps had been downloaded more than 13 million times prior to being taken down from the app marketplaces.
Over 40 Android apps made up the initial Poseidon operation. Origianlly built to display adverts that were either out of context or concealed from the device user’s perspective.
On the other hand, Charybdis was superior to the former because it targeted advertising platforms while using code obfuscation techniques.
In addition to depending on additional layers of code roundabout employing the Allatori tool. Scylla presents the latest adaptation of the scheme in that it ventures outside of the Android ecosystem to enter the iOS ecosystem for the first time.
These apps represent a considerable advancement in sophistication over earlier iterations. Because once installed, they are designed to engage in various forms of ad fraud.
These include faking well-known apps like streaming services to coerce advertising SDKs into putting advertisements, providing irrelevant and “hidden” adverts via off-screen WebViews, and inflating ad clicks to increase revenue from advertising.
The threat actors programme their apps to impersonate other apps for advertising purposes, the business explained. And frequently because the app they’re impersonating is more valuable to an advertiser than the app would be on its own.
As always, users are recommended to carefully review apps before downloading them. Also stay away from third-party app stores on the internet that can include harmful programmes.
