silversurfer

Level 64
Verified
Trusted
Content Creator
Malware Hunter
A family of Android apps is using the lure of free items to distribute a novel ad fraud botnet.

Victims of the scam are told that they will receive a complimentary gift when they download an app from the Google Play Store. However, the only thing received by victims is an infection of malware that silently loads ads in the background on their smart device.

The ad fraud operation, discovered by White Ops’ Satori Threat Intelligence & Research team, which named it TERRACOTTA, started in late 2019. The team found that by the end of June 2020, more than 65,000 devices had been unwitting participants in the scam, over 5,000 apps had been spoofed, and more than 2 billion bid requests had been generated.

"What makes this unique is that the fraudsters were advanced in knowing how to pull off ad fraud verification plausibly," said a White Ops spokesperson. "This means the ads were never being reported via the Google Play Store for showing ads, nor were users complaining of seeing unwanted ads. Instead, they were lying dormant, and the only 'free product' being delivered to users was a payload of ad fraud malware."
 

silversurfer

Level 64
Verified
Trusted
Content Creator
Malware Hunter
Google has removed an undisclosed number of Android applications from the official Google Play Store that the company says were part of an ad fraud botnet. Named Terracotta, this botnet was discovered by the Satori mobile security team at White Ops, a security firm specialized in identifying bot behavior.

 
Top