Android users are under a new threat that could transform their devices into cash generators for cybercriminals. This fresh attack utilizes popular applications to install software that engages in ad fraud by running in the background and producing fake clicks. While users don’t directly lose money, this threat can significantly slow down devices, an undesirable outcome for smartphone owners.
Dubbed SlopAds, this attack has been exacerbated by the presence of infected apps on the Google Play Store. Initially identified by the Satori Threat Intelligence and Research Team, around 224 Android apps have been affected, with downloads surpassing 38 million globally.
According to HUMAN’s Satori Threat Intelligence and Research Team, the SlopAds operation involves a network of 224 apps, downloaded over 38 million times from Google Play across 228 countries and territories. These apps employ steganography to deliver a fraudulent payload, creating hidden WebViews to direct users to malicious sites for generating fake ad impressions and clicks.
Upon discovery of the bug, Google promptly removed all tainted applications from its platform, preventing new infections. However, existing users who downloaded these apps may still inadvertently contribute to illicit earnings for cybercriminals.
To mitigate risks, users are advised to remain vigilant for warning messages. The Satori Threat Intelligence and Research Team ensures that users with identified apps installed on their devices will be notified and prompted to uninstall them. Leveraging Google’s Play Protect service, users are encouraged to act promptly upon receiving a warning and delete the app immediately.
Ad fraud, a deceptive scheme that profits hackers through fake clicks, poses a unique threat that does not directly harm users but can overload devices with background activities, causing sluggish performance. Google defines ad fraud as the generation of deceptive ad interactions to trick ad networks into believing fake traffic is genuine user interest, constituting invalid traffic. This illicit practice, harmful to advertisers, developers, and users, erodes trust in the mobile advertising ecosystem over time.