No computer system is perfect, and companies specializing in cybersecurity are happy to remind us of this on a regular basis. Most recently, the teams at Human Security sounded the alarm about a batch of fraudulent apps on Android and iOS.
Discreet but dangerous ads
In a blog post dated September 23, the company's researchers identified no fewer than 75 Android apps and a dozen iOS apps committing ad fraud. In all, these applications have been installed more than 13 million times on mobile devices of all kinds around the world.
These applications take advantage of being installed on an Android or iOS phone to load advertising on the device… sometimes right under the user's nose. Indeed, some of these apps never display an ad banner as such, but instead launch ad-filled web pages in the background. The user notices nothing, and the publisher can claim to advertising agencies that it displays a gigantic number of ads to all its users. Beyond the simple battery problems that such practices can cause, these applications can also serve as Trojan horses for more vicious malware, as the company Bitdefender recently explained.
Charybdis and Scylla
Even more perverse, once installed on a phone, these apps change their advertising identifiers to make the various advertising agencies believe that they belong to a much more profitable category of application, notably by disguising themselves as video streaming applications. This massive fraud campaign is linked to a larger scam operation dubbed Poseidon, which has been active since at least 2019. In 2020, a variant of Poseidon, aptly dubbed Charybdis, had already improved the fraud mechanisms by obfuscating parts of its code. Scylla, the campaign that concerns us today, goes even further thanks to its particularly discreet execution methods.
The full list of applications flagged by Human Security is available on the company's website. If you installed one of them, the best thing to do is to remove it as soon as possible.