Android users are currently at risk of a new threat that could potentially allow cybercriminals to turn their devices into money-making machines. This new attack leverages popular apps to install software that conducts ad fraud in the background, generating fake clicks. While users do not directly lose money from this scheme, it can significantly impact device performance, an unwelcome scenario for smartphone users.
Termed as SlopAds, this attack has been exacerbated by the presence of infected apps on the Google Play Store. Initially identified by the Satori Threat Intelligence and Research Team, it is estimated that around 224 Android apps have been compromised. These apps have collectively amassed over 38 million downloads worldwide.
According to HUMAN’s Satori Threat Intelligence and Research Team, the SlopAds operation involves a network of 224 apps that have been downloaded over 38 million times from the Google Play Store across 228 countries and territories. These apps employ steganography techniques to deliver fraudulent ad impressions and clicks by creating hidden WebViews that redirect to sites controlled by threat actors.
Upon being notified of the issue, Google swiftly removed all offending applications from its platform to prevent further infections. However, existing users who have downloaded these apps may still inadvertently contribute to cybercriminal gains.
To mitigate risks, users are advised to remain vigilant for any warning notifications. The Satori Threat Intelligence and Research Team assures that individuals with identified apps on their devices will receive alerts prompting them to uninstall the compromised apps. This proactive measure aligns with Google’s default Play Protect service, designed to safeguard users from such threats.
Ad fraud, while not directly harmful to users, is a deceptive practice that benefits hackers by generating false ad interactions in the background. This activity can overload devices and hinder performance. Google defines ad fraud as the manipulation of ad interactions to deceive ad networks into believing the traffic is from genuine user interest. This deceitful practice not only harms advertisers and developers but also erodes trust in the mobile advertising ecosystem.
In compliance with the use of cookies and similar technologies, Reach and its affiliates collect device information to enhance site experiences, analyze usage patterns, and deliver personalized advertising. Users have the option to opt out of data sharing or selling by clicking the designated button on the webpage. By accessing our services, users implicitly agree to the use of cookies and data practices outlined in our Privacy Notice and Cookie Policy.