Android users are currently facing a new threat that can transform their devices into money-making tools for cybercriminals. This latest attack leverages popular applications to install software that carries out ad fraud activities stealthily in the background. Although users themselves do not incur financial losses, the background activity can slow devices down, which makes it unwelcome for smartphone users.
The malicious campaign, known as SlopAds, spread through infected apps on the Google Play Store. It was initially identified by the Satori Threat Intelligence and Research Team, and it is estimated that around 224 Android apps have been impacted by this threat. These apps have collectively surpassed 38 million downloads worldwide.
HUMAN’s Satori Threat Intelligence and Research Team elaborated on the situation, stating that they have disrupted a sophisticated ad fraud operation called SlopAds. The threat actors responsible for SlopAds manage a network of 224 apps, which have been downloaded more than 38 million times from Google Play across 228 countries and territories. These apps execute fraud through steganography techniques and create hidden WebViews to direct users to fraudulent ad sites, generating fake ad impressions and clicks.
Google responded promptly upon being alerted to the issue by removing all offending applications from its platform. While this prevents new infections, existing users who have downloaded the apps may still be unwittingly contributing to the cybercriminals’ profits. It is crucial for users to remain vigilant for warning messages.
The Satori Threat Intelligence and Research Team assures that users with the identified apps installed on their devices will receive alerts prompting them to uninstall the apps. This process is facilitated through Google’s default Play Protect service. Users are advised to act promptly upon receiving warnings and delete the apps to mitigate risks.
Ad fraud, although not directly harmful to users, benefits hackers by generating illegitimate clicks in the background. This activity can overload devices, resulting in performance issues. According to Google, ad fraud involves creating false ad interactions to deceive ad networks into believing the traffic originates from genuine user interest. This deceptive practice, considered a form of invalid traffic, undermines trust within the mobile advertising ecosystem and is detrimental to advertisers, developers, and users alike.