Cybersecurity researchers found that more than 75 apps for Android and more than 10 for iOS were part of an ad fraud scheme. The applications of adware were hosted in official stores Google Play and App Store. Together they have been downloaded over 13 million times.
Applications fall into the adware category, as unwanted programs that throw ads on your screen at inopportune times or without you noticing are called.
In addition to the loss for companies, they take advantage of users’ device resources, such as processing and energy. In addition, they can compromise privacy and security.
Apps imitated games and fooled even advertisers
The discovery was made by a team of experts from the Human Security company. They named the campaign Scylla. It is the third generation of attacks from the same group, which was responsible for Poseidon in 2019 and Charybdis in 2020.
Scylla deceives users and advertisers. On the users’ side, it disguises itself as simple and harmless apps, usually copies of famous games.
On the advertisers side, it changes the app ID, making ad networks believe that it is another program, usually more famous and attractive to companies. So fake apps get more money or more ads.
Scylla’s apps showed irregular ads in a variety of ways, such as out of context (at times and places you wouldn’t expect it, such as on the home screen) or hidden (that’s right: the app tells the advertiser that it showed the ad, but it does not appear on the screen).
They also turned user actions into fake clicks on advertisements to earn more money.
Adware has been removed from Google Play and App Store
The Human Security team says it has worked closely with cybersecurity teams from Google and Apple. The apps in question have been removed from the store, but may still be installed on devices.
For Android devices, the Play Protect feature should detect the adware. On iOS, however, there is no such feature.
Anyway, the recommendation is to uninstall any app that is on the list shared by Human. The complete list is at company website.