Google Play Store and Apple Store adware downloaded millions of times
Dozens of apps, downloaded 13 million times, found engaging in adware
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
Almost a hundred apps across theAndroidand iOS ecosystems have been discovered engaging in advertising fraud, researchers have claimed.
The apps, 80 of which were built for Android, and nine for iOS, have more than 13 million downloads between them, and include games, screensavers, camera apps, and more - some with more than a million downloads.
Researchfrom cybersecurity firm HUMAN Security found that by targeting advertising software development kits (SDK), the unknown threat actors were able to compromise these apps for their own personal benefit, in multiple ways: by pretending to be apps they’re not; by rendering ads in places where users wouldn’t be able to see them; and by faking clicks and taps (keeping track of real ad interactions and faking them later).
Evolution of Poseidon
The campaign, which HUMAN dubbed Scylla, is still ongoing, meaning at least some of the apps are still up and running. “These tactics, combined with the obfuscation techniques first observed in the Charybdis operation, demonstrate the increased sophistication of the threat actors behind Scylla,” the researchers say.
The Charybdis operation the researchers mention is an older campaign, out of which Scylla evolved. Charybdis itself evolved from an even older campaign, called Poseidon, leading the researchers to conclude that the threat actors are actively developing these apps and that new variants are bound to appear.
HUMAN says it “worked closely” with bothGoogleandAppleto have all of the identifiedmaliciousapps removed from the respective app repositories.
This PDF reader app has a million downloads on the Play Store - but it’s just adware>Millions of us are using malicious browser extensions without realizing>We’ve rounded up the best privacy tools and anonymous browsers
However, that doesn’t mean the threat is completely gone - users who have downloaded these apps in the meantime are still vulnerable, and will remain so until they remove them from their endpoints.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
The company urges users to go through the entire list of apps foundhereand make sure they remove any apps they might have installed.
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
7 myths about email security everyone should stop believing
Best Usenet client of 2024
Phishing attacks surge in 2024 as cybercriminals adopt AI tools and multi-channel tactics
