Android users beware — this huge fraud scam campaign hit millions of victims around the world, make sure…
- Trapdoor is an ad fraud campaign using 455 Android apps and 183 C2 domains
- The apps tricked users into fake updates, then secretly launched invisible WebViews to generate 659 million fraudulent ad bid requests daily
- Google removed the 24M+ downloaded apps after disclosure, with researchers warning of malvertising pipelines built from everyday installs
Security researchers have discovered and dismantled a major ad fraud and advertising operation that comprised hundreds of Android apps, and probably generated millions of dollars in profits.
Human Security researchers from the Satori team claim the Trapdoor campaign used 455 applications and 183 command-and-control (C2) domains.
It started on the Google Play Store, where victims were offered seemingly benign utility apps, such as PDF readers, and similar. These apps worked as intended and did nothing that would suggest malicious behavior (for example, asked for extensive permissions or tried to exfiltrate data to a third-party server). However,...
Copyright of this story solely belongs to techradar.com. To see the full text click HERE
