Security researchers have discovered 75 applications on Google Play and another ten on Apple’s App Store engaged in ad fraud. Collectively, they add to 13 million installations.
Apart from flooding mobile users with advertisements, both visible and hidden, the fraudulent apps also generated revenue by impersonating legitimate apps and impressions.
Although these types of apps are not seen as a severe threat, their operators can use them for more dangerous activity.
Researchers from HUMAN’s Satori Threat Intelligence team identified a collection of mobile apps that are part of a new ad fraud campaign that they named ‘Scylla’.
The analysts believe Scylla is the third wave of an operation they found in August 2019 and dubbed ‘Poseidon’. The second wave, apparently from the same threat actor, was called ‘Charybdis’ and culminated towards the end of 2020.
