Nearly 100 Android Apps (opens in new tab) The researchers claim that the iOS ecosystem has been found to be ad fraudulent.
These apps, 80 of which are built for Android and 9 for iOS, have more than 13 million downloads between them, including games, screensavers, camera apps, and more – some of them has more than 1 million downloads.
Research (opens in new tab) Research from cybersecurity firm HUMAN Security found that by targeting adware development kits (SDKs), unknown threat actors were able to compromise these apps for personal gain in a number of ways: by pretending they were not apps; render ads out of reach; and by faking clicks and clicks (tracking real ad interactions and faking them later).
Evolution of Poseidon
The campaign, which HUMAN calls Scylla, is still ongoing, which means at least some apps are still running. “These tactics, combined with obfuscation techniques first observed in Operation Charybdis, demonstrate the increasing sophistication of the threat actors behind Scylla,” the researchers said.
The Charybdis operation the researchers refer to is an older activity from which Scylla evolved. Charybdis itself evolved from an older campaign called Poseidon, which led researchers to conclude that threat actors are actively developing these applications, and new variants are sure to emerge.
HUMAN says it is “working closely” with Google and Apple to obtain all identified malware (opens in new tab) Apps removed from the corresponding app repositories.
However, that doesn’t mean the threat is completely gone – users who downloaded these apps in the interim remain vulnerable, and remain so until they remove them from their endpoints.
The company urges users to double-check the entire list of apps found here (opens in new tab) And make sure they remove any apps they may have installed.