Hundreds of Android apps infected with SlopAds ad fraud malware have been removed from the Google Play store after they were downloaded over 38 million times – with users being warned to delete them
Cyber criminals are once again targeting Android devices in a bid to trick unsuspecting victims into handing over their personal and financial information.
Users are being urged to remove apps that have been compromised by the fresh scam immediately, which involves hackers carrying out a sophisticated form of advertising fraud. By flooding apps with malicious adverts, hackers can slow down the devices they’ve compromised whilst padding their own pockets.
The fresh attack was identified by the Satori Threat Intelligence and Research Team and has been dubbed ‘SlopAds’. Researchers have found that 224 Android apps were affected by this assault, which have been downloaded more than 38 million times via the Google Play Store app.
READ MORE: Amazon attack warning ahead of Black Friday as 300 million customers at riskREAD MORE: Cybersecurity specialist says make Microsoft Windows change – or ‘be exposed’
Security specialists from the team revealed: “HUMAN’s Satori Threat Intelligence and Research Team has uncovered and disrupted a sophisticated ad fraud and click fraud operation dubbed SlopAds. The threat actors behind SlopAds operate a collection of 224 apps and growing, collectively downloaded from Google Play more than 38 million times across 228 countries and territories.
“These apps deliver their fraud payload using steganography and create hidden WebViews to navigate to threat actor-owned cashout sites, generating fraudulent ad impressions and clicks. The threat actors’ infrastructure and many of the apps share an AI theme, contributing to the name of the operation.”
It’s crucial to highlight that Google has successfully eliminated all of the problematic apps, ensuring that no fresh users will fall victim to ad fraud. Those concerned about having downloaded one of the applications containing the SlopsAds bug have been told that all those affected will receive an alert encouraging them to remove the apps, reports the Daily Record.
To safeguard against future attacks, all Android users are being advised to ensure Google’s Play Protect feature within the app store remains activated. This mechanism will alert users to potentially corrupted applications before installation, whilst also blocking any subsequent apps that have demonstrated behaviour linked to SlopAds.
Ad fraud doesn’t merely harm device users, but also legitimate advertisers and developers as hackers deceive the network into permitting their infected advertisements. Google added: “Ad interactions generated for the purpose of tricking an ad network into believing traffic is from authentic user interest is ad fraud, which is a form of invalid traffic.
“Ad fraud may be the byproduct of developers implementing ads in disallowed ways, such as showing hidden ads, automatically clicking ads, altering or modifying information and otherwise leveraging non-human actions (spiders, bots, etc.) or human activity designed to produce invalid ad traffic. Invalid traffic and ad fraud is harmful to advertisers, developers, and users, and leads to long-term loss of trust in the mobile Ads ecosystem.”
Android users are being advised to act swiftly and delete any apps flagged as infected to safeguard their devices.
