Cyber attackers are once again focusing on Android devices to deceive unsuspecting individuals into divulging their personal and financial details. Users are advised to promptly uninstall compromised apps linked to a new scam involving hackers engaging in advanced advertising fraud. By inundating apps with malicious ads, hackers can not only slow down the affected devices but also profit from the scheme.
The recent assault, known as ‘SlopAds,’ was uncovered by the Satori Threat Intelligence and Research Team. They discovered that 224 Android apps were impacted by this attack, collectively downloaded over 38 million times from the Google Play Store.
According to security experts, the Satori team has disrupted a sophisticated ad fraud operation called SlopAds. The threat actors responsible for SlopAds run a network of 224 apps, downloaded from Google Play Store across 228 countries and territories. These apps employ steganography to deliver fraudulent content and create hidden WebViews to direct users to the attackers’ cashout sites, generating fake ad impressions and clicks. Many of the apps and the threat actors’ infrastructure share an AI theme, hence the operation’s name.
Google has successfully removed all problematic apps to prevent new users from falling prey to ad fraud. Individuals who may have downloaded apps affected by the SlopAds bug will receive alerts urging them to delete the apps.
To safeguard against future attacks, Android users are advised to keep Google’s Play Protect feature enabled within the app store. This feature warns users about potentially compromised apps before installation and blocks any apps displaying behavior associated with SlopAds.
Ad fraud not only impacts device users but also harms legitimate advertisers and developers as hackers deceive networks into running their infected ads. Google warns that ad fraud involves generating ad interactions to trick ad networks into believing the traffic is genuine user interest, constituting invalid traffic.
Android users are encouraged to act swiftly by deleting any apps flagged as infected to protect their devices from potential harm.