>
Nearly a hundred apps on Android (opens in new tab) and iOS ecosystems have been discovered engaged in ad fraud, researchers claim.
The apps, of which 80 are built for Android and nine for iOS, have more than 13 million downloads together and include games, screensavers, camera apps and more – some with over a million downloads.
Research (opens in new tab) from cybersecurity firm HUMAN Security found that by targeting advertising software development kits (SDK), the unknown threat actors were able to compromise these apps for their own personal benefit in several ways: by posing as apps; by displaying advertisements in places where users would not be able to see them; and by faking clicks and taps (tracking real ad interactions and faking it later).
Evolution of Poseidon
The campaign, which HUMAN called Scylla, is still ongoing, meaning at least some of the apps are still running. “These tactics, combined with the obfuscation techniques first observed in the Charybdis operation, demonstrate the increased sophistication of the threat actors behind Scylla,” the researchers say.
The Charybdis operation the investigators cite is an older campaign, from which Scylla evolved. Charybdis itself grew out of an even older campaign called Poseidon, leading the researchers to conclude that the threat actors are actively developing these apps and that new variants are sure to appear.
HUMAN Says It’s “Worked Closely” With Both Google And Apple To Get All The Malicious Persons Identified (opens in new tab) apps removed from the respective app repositories.
However, that doesn’t mean the threat is completely gone – users who have downloaded these apps in the meantime are still vulnerable and will remain so until they remove them from their endpoints.
The company urges users to go through the full list of found apps here (opens in new tab) and make sure they uninstall any apps they may have installed.