Researchers have succeeded in putting an end to a gigantic system of advertising fraud, a global phenomenon that even Google is interested inand which, this time, has affected more than 1,700 applications and 11 million devices.
During its most intense phase of activity, the malware was able to generate 12 billion fraudulent advertising requests daily.
Vastflux, a scam on an unprecedented scale
Obviously, all these advertisements were monetized, and Vastflux could thus trigger up to 12 billion requests each day. This fraudulent process was used to infect 1,700 applications and 120 publishers. In total, more than 11 million smartphones have unwittingly participated in the scam.
Fortunately, last December, the servers hosting the scam were taken offline, putting an end to this particular problem. On the other hand, other scams, often linked to Poseidon, continue to operate and are regularly detected.
Users spared, not companies
If Vastflux was able to work for months, even after being detected, it is because the operation of the scam was very well thought out. Invisible to users and with a seamlessly integrated discreet code, the fraud was able to thrive, activating as soon as a device played an infected video advertisement. Moreover, as Marion Habiby, an expert in big data, pointed out to our colleagues at Wiredthe members of the group were very well organized:
” When I got the attack volume results, I had to analyze the numbers several times. It’s clear that the scammers were well organized and went to great lengths to avoid detection, ensuring that their attack would last as long as possible, and generate as much money as possible. »
According to the study conducted by Human Security, it is the iPhone that have been targeted in priority. Based on the multiplication of advertisements, the scam visibly left no traces on the devices of users who unwittingly participated. On the other hand, advertisers, whose activities rely at least in part on automated content, would have suffered enormous damage. Unfortunately, the amounts generated by the scam have not been disclosed at this time.
Source : The Hack News