free counter

Google Play Store and Apple Store adware downloaded an incredible number of times

app security

(Image credit:

Almost 100 apps over the Android (opens in new tab) and iOS ecosystems have already been discovered participating in advertising fraud, researchers have claimed.

The apps, 80 which were built for Android, and nine for iOS, have significantly more than 13 million downloads between them, you need to include games, screensavers, camera apps, and much more – some with an increase of when compared to a million downloads.

Research (opens in new tab) from cybersecurity firm HUMAN Security discovered that by targeting advertising software development kits (SDK), the unknown threat actors could actually compromise these apps because of their own private benefit, in multiple ways: by pretending to be apps theyre not; by rendering ads in places where users wouldnt have the ability to see them; and by faking clicks and taps (monitoring real ad interactions and faking them later).

Evolution of Poseidon

The campaign, which HUMAN dubbed Scylla, continues to be ongoing, meaning at the very least a few of the apps remain ready to go. These tactics, combined with obfuscation techniques first seen in the Charybdis operation, demonstrate the increased sophistication of the threat actors behind Scylla, the researchers say.

The Charybdis operation the researchers mention can be an older campaign, out which Scylla evolved. Charybdis itself evolved from a straight older campaign, called Poseidon, leading the researchers to summarize that the threat actors are actively developing these apps and that new variants are bound to seem.

HUMAN says it worked closely with both Google and Apple to possess all the identified malicious (opens in new tab) apps taken off the respective app repositories.

However, that doesnt mean the threat is totally gone – users who’ve downloaded these apps for the time being remain vulnerable, and can remain so until they take them off from their endpoints.

The business urges users to undergo the entire set of apps found here (opens in new tab) and make certain they remove any apps they could have installed.

Sead is really a seasoned freelance journalist located in Sarajevo, Bosnia and Herzegovina. He writes about any of it (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, regulations). In his career, spanning greater than a decade, hes written for numerous media outlets, including Al Jazeera Balkans. Hes also held several modules on article writing for Represent Communications.

Read More

Related Articles

Leave a Reply

Your email address will not be published.

Back to top button

Adblock Detected

Please consider supporting us by disabling your ad blocker