DrainerBot infected apps play invisible videos to drain your data

silversurfer

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,057
A new ad fraud campaign is potentially costing victims hundreds of dollars a year in data bills through infected Android apps and games.

Dubbed DrainerBot by Oracle researchers, the scheme has been described as a "major mobile ad fraud operation" which has been distributed through at least ten million downloads of infected consumer applications.

The DrainerBot code has been unpacked and found in malicious software development kits (SDKs) relating to Android mobile apps, many of which have proven popular -- including "Perfect365," "VertexClub," "Draw Clash of Clans," "Touch 'n' Beat – Cinema," and "Solitaire: 4 Seasons (Full)."

DrainerBot's code overlays invisible, fraudulent ads to devices when apps are in use. The infected app will then report back to ad networks connected to the scheme that the advert has been viewed on a legitimate publisher's website, and this results in fraudulent ad revenue kickbacks for the threat actors involved.

Oracle says that video ads are in play, and as these kinds of advertisements generally offer more in revenue than simple banner ads, the legitimate ad networks that have been signed up with are unwittingly being defrauded out of serious cash.

It is not just ad networks which are being scammed, however, As the DrainerBot code is showing ads which are invisible, users may not realize anything is wrong -- at least, until they receive their data bills, which would be heavily impacted by the constant launch and play of online videos.

Oracle says that infected apps can consume over 10GB per month, which potentially could cost device owners a hundred dollars per year or more in charges. In addition, malicious apps can quickly drain a device's battery, even if these applications are not in use.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top