1,700 Apps Spoofed, 11 Million Devices Targeted: Huge Ad Fraud Revealed

Mallory Delicourt

January 26, 2023 at 6:35 p.m.


iPhones © © Daniel Romero / Unsplash

© Daniel Romero / Unsplash

Researchers have succeeded in putting an end to a gigantic system of advertising fraud, a global phenomenon that even Google is interested inand which, this time, has affected more than 1,700 applications and 11 million devices.

During its most intense phase of activity, the malware was able to generate 12 billion fraudulent advertising requests daily.

Vastflux, a scam on an unprecedented scale

In the summer of 2022, Human Security researchers uncovered a huge automated advertising scam that lasted until December. This network, called Vastflux, bought advertising space within popular applications. By exploiting the existing vulnerabilities, members of the network installed JavaScript malware that activated when a video ad was viewed, generating 25 additional ads in the background.

Obviously, all these advertisements were monetized, and Vastflux could thus trigger up to 12 billion requests each day. This fraudulent process was used to infect 1,700 applications and 120 publishers. In total, more than 11 million smartphones have unwittingly participated in the scam.

Vastflux was a spam ad attack that injected malicious JavaScript code into digital ad creatives, allowing fraudsters to stack numerous invisible video ad players one behind another and record ad views said Human Security.

Fortunately, last December, the servers hosting the scam were taken offline, putting an end to this particular problem. On the other hand, other scams, often linked to Poseidon, continue to operate and are regularly detected.

Users spared, not companies

If Vastflux was able to work for months, even after being detected, it is because the operation of the scam was very well thought out. Invisible to users and with a seamlessly integrated discreet code, the fraud was able to thrive, activating as soon as a device played an infected video advertisement. Moreover, as Marion Habiby, an expert in big data, pointed out to our colleagues at Wiredthe members of the group were very well organized:

When I got the attack volume results, I had to analyze the numbers several times. It’s clear that the scammers were well organized and went to great lengths to avoid detection, ensuring that their attack would last as long as possible, and generate as much money as possible. »

According to the study conducted by Human Security, it is the iPhone that have been targeted in priority. Based on the multiplication of advertisements, the scam visibly left no traces on the devices of users who unwittingly participated. On the other hand, advertisers, whose activities rely at least in part on automated content, would have suffered enormous damage. Unfortunately, the amounts generated by the scam have not been disclosed at this time.

Source : The Hack News

Source link -99