240 Android apps serving fraudulent ads |
Company researchers (White Ops) discovered a scam showing millions of ads across a range of 240+ Android apps via the official Google Store.
These apps have been removed from Google Play Store and users need to remove them from their phone as well.
Researchers claim that this batch of 240 Android apps provides over 15 million impressions per day at peak times.
These apps work as expected in most cases, and therefore are most effective when invisible.
Most of the apps are simple old games like emulators (Nintendo NES) that package companies use to bypass protection.
According to the researchers, these apps then deliver compelling ads that come from trusted sources like Chrome and YouTube.
"The most important tools for adware developers are software packages because they are disguised as intellectual property protections," said Gabriel Serlej, senior analyst at White Ops.
He added: The ads are coming from popular apps and social media platforms (like YouTube and Chrome) and have not been spotted in a while. Therefore, users believe that the ads are ads and the advertisement comes from legitimate platforms.
The White Ops research team found that these fraud apps have been downloaded more than 14 million times.
Different app reviews show that there is little interest in one- and five-star ratings, which is common with suspicious apps.
The researchers said it should be noted that these apps have potentially suspicious behaviors that are consistent with the Advertising SDK interface components that have been renamed with labels referring to well-known apps.
The team found that these applications use various techniques to confuse analysts and deceive crawlers.
Analysts also found that these apps can also increase the number of ads placed by monitoring the user's screen time (open and closed).
Not only can placement of fraudulent ads annoy users, but it can harm all of the advertisers who rely on consumers and reduce brand confidence by disguising them as legitimate apps.
The team found that the bulk of the traffic (nearly 21%) came from Brazil, followed by Indonesia and Vietnam, while the US accounted for 7.7% of fraudulent ad traffic.