Archive for the ‘ad fraud’ Category

Google Play apps with >10 million installs drain batteries, jack up data charges

February 21st, 2019
Google Play apps with >10 million installs drain batteries, jack up data charges

Enlarge (credit: NurPhoto | Getty Images)

Is your Android phone feeling hot to the touch, acting sluggish, in need of frequent charges, or using dramatically more data than it used to? It may be a victim of DrainerBot, a major fraud operation distributed through Google Play apps with more than 10 million downloads, researchers said Wednesday.

The apps catered to a wide variety of interests, from makeup and beauty to mobile gaming. Under the hood, the apps download hidden video ads to the phones that consume as much as 10GB per month of bandwidth. While the videos are never viewed or visible by anyone, the downloads generate fraudulent advertising revenue each time a legitimate end user device appears to view a video while visiting a spoofed but legitimate publisher site.

“DrainerBot is one of the first major ad fraud operations to cause clear and direct financial harm to consumers,” said Eric Roza, senior vice president and general manager of Oracle Data Cloud, which uncovered the scheme. “DrainerBot-infected apps can cost users hundreds of dollars in unnecessary data charges while wasting their batteries and slowing their devices.”

Read 6 remaining paragraphs | Comments

Posted in ad fraud, Android, apps, Biz & IT, drainerbot | Comments (0)

Alleged Russian Hacker Pleads Not Guilty After Extradition to United States

January 21st, 2019
A Russian hacker indicted by a United States court for his involvement in online ad fraud schemes that defrauded multiple American companies out of tens of millions of dollars pleaded not guilty on Friday in a courtroom in Brooklyn, New York. Aleksandr Zhukov, 38, was arrested in November last year by Bulgarian authorities after the U.S. issued an international warrant against him, and was

Posted in ad fraud, click fraud Scam, cyber security, extradition, hacking news, Russian hackers, scamming | Comments (0)

How 3ve’s BGP hijackers eluded the Internet—and made $29M

December 21st, 2018
How 3ve’s BGP hijackers eluded the Internet—and made $29M

Enlarge (credit: Aurich / Getty)

Over the past decade, many attackers have exploited design weaknesses in the Internet’s global routing system. Most commonly, the Border Gateway Protocol (BGP) is abused to divert gigabytes, or possibly even petabytes, of high-value traffic to ISPs inside Russia or China, sometimes for years at a time, so that the data can be analyzed or manipulated. Other times, attackers have used BGP hijackings more surgically to achieve specific aims, such as stealing cryptocurrency or regaining control of computers monitored in a police investigation.

Late last month came word of a new scheme. In one of the most sophisticated uses of BGP hijacking yet, criminals used the technique to generate $29 million in fraudulent ad revenue, in part by taking control of IP addresses belonging to the US Air Force and other reputable organizations.

In all, "3ve," as researchers dubbed the ad fraud gang, used BGP attacks to hijack more than 1.5 million IP addresses over a 12-month span beginning in April 2017. The hijacking was notable for the precision and sophistication of the attackers, who clearly had experience with BGP—and a huge amount of patience.

Read 34 remaining paragraphs | Comments

Posted in ad fraud, BGP, Biz & IT, Border Gateway Protocol, Features, hijacking | Comments (0)

Google Play ejects 22 backdoored apps with 2 million+ downloads

December 6th, 2018
Google Play ejects 22 backdoored apps with 2 million+ downloads

(credit: Jeremy Brooks / Flickr)

Almost two dozen apps with more than 2 million downloads have been removed from the Google Play market after researchers found they contained a device-draining backdoor that allowed them to surreptitiously download files from an attacker-controlled server.

The 22 rogue titles included Sparkle Flashlight, a flashlight app that had been downloaded more than 1 million times since it entered Google Play sometime in 2016 or 2017, antivirus provider Sophos said in a blog post published Thursday. Beginning around March of this year, Sparkle Flashlight and two other apps were updated to add the secret downloader. The remaining 19 apps became available after June and contained the downloader from the start.

“Serious harm”

By the time Google removed the apps in late November, they were being used to click endlessly on fraudulent ads. "Andr/Clickr-ad," as Sophos has dubbed the family of apps, automatically started and ran even after a user force-closed them, functions that caused the apps to consume huge amounts of bandwidth and drain batteries. In Thursday's post, Sophos researcher Chen Yu wrote:

Read 9 remaining paragraphs | Comments

Posted in ad fraud, Android, apps, Biz & IT, google play, Malicious | Comments (0)

‘MethBot’ Ad Fraud Operators Making $5 Million Revenue Every Day

December 20th, 2016

The biggest advertising fraud ever!

A group of hackers is making between $3 Million to $5 Million per day from United States brands and media companies in the biggest digital ad fraud ever discovered.

Online fraud-prevention firm White Ops uncovered this new Ad fraud campaign, dubbed “Methbot,” that automatically generates more than 300 Million fraudulent video ad impressions every day.


Posted in ad fraud, advertisement, Botnet, click fraud, Methbot, MethBot Ad Fraud, Russian hackers, Scam, video ads | Comments (0)