Malicious Apps With Millions of Downloads Found in Apple App Store, Google Play

  /     /     /  
Publicated : 23/11/2024   Category : security


Malicious Apps With Millions of Downloads Found in Apple App Store, Google Play


The ongoing ad fraud campaign can be traced back to 2019, but recently expanded into the iOS ecosystem, researchers say.



The threat actors behind a newly discovered malicious advertising app operation have been active since at least 2019, but researchers tracking their evolution report the group has become more sophisticated, expanding beyond its previous Android-specific attacks into the iOS ecosystem.
The latest campaign, according to researchers with Human Securitys Satori research team, included 80 Android Apps lurking in the Google Play store and, notably, 9 in the Apple App Store. All together, the team reported the malicious applications were downloaded at least 13 million times.
Once downloaded, the
malicious applications
spoof other apps to rack up digital ad views, play hidden ads the user couldnt see to gain fraudulent views, and even track legitimate ad clicks to hone the groups ability to fake them more convincingly later.
The research team, which flagged the apps for removal from the official stores, calls this latest iteration of the attack group Scylla. The earliest version of the group was called Poseidon, then Charybdis.
Scylla is the third wave of attacks
from the threat actors, the Human team explained in their report.
Todays announcement of the disruption of Scylla — named after the granddaughter of Poseidon — reflects a new evolution from the threat actors behind the scheme, the Human team said about the find. While the Poseidon and Charybdis operations centered wholly on Android apps, the Satori team has found evidence that Scylla additionally targets iOS apps and has expanded the attack to other parts of the digital advertising ecosystem.
Human Security worked with Google and Apple to remove the malicious applications and is continuing to work with advertising software development kit developers to mitigate the campaigns fallout.
These tactics, combined with the obfuscation techniques first observed in the Charybdis operation, demonstrate the increased sophistication of the threat actors behind Scylla, the Human team added. This is an
ongoing
attack, and users should consult the list of apps in the report and consider removing them from all devices.

Last News

▸ IoT Devices on Average Have 25 Vulnerabilities ◂
Discovered: 23/12/2024
Category: security

▸ DHS-funded SWAMP scans code for bugs. ◂
Discovered: 23/12/2024
Category: security

▸ Debunking Machine Learning in Security. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Malicious Apps With Millions of Downloads Found in Apple App Store, Google Play