Malicious Android and iOS apps with 13 million downloads spotted committing ad fraud

iOS apps found committing ad fraud — delete these iPhone apps before adware attacks, News

(Image credit: Apple)

iPhone and Android apps with over 13 million downloads have been discovered to be committing different methods of ad fraud, including new adware tactics that allow threat actors to quietly make a profit.Cybersecurity researchers at Satori Threat Intelligence and Research Team found a collection of apps across the App Store and Google Play Store that contained malicious code, with the ad fraud operation being dubbed “Scylla.” Satori worked with Apple and Google security teams to remove the iOS and Android apps in both stores.
According to the report, more than 75 Android apps and 10 iOS apps committed “several different flavors of advertising fraud,” letting threat actors pretend these apps are legitimate and make a profit through hidden ads and fake clicks. 

iOS apps found committing ad fraud — delete these iPhone apps before adware attacks, News

Example of iOS app Wood Sculptor (Image credit: Satori Threat Intelligence and Research Team)

This was done through App and bundle ID spoofing. The Scylla apps contain code that lets advertisers and ad tech companies believe these are popular apps. This tricks companies into placing ads and, even worse, spending money to place ads in the app — especially if it’s a gaming app or streaming service.The malicious apps also use adware tactics by using hidden ads the user can’t see and having ads pop up even when the app isn’t open. By having these ads pop up and users accidentally click on them, the threat actors make a profit.The Scylla apps also used code to garner fake clicks on ads so advertising companies think they are being clicked on. Clicks are better than views, meaning the fraudsters were gaining extra money from ads that weren’t being clicked on.Scylla stems from a family of ad fraud methods, with the first set of malicious apps being discovered in 2019 by the Satori team. Known as “Poseidon”, the scheme saw 40 Andoird apps commit ad fraud, which also used out-of-context and hidden ads. In late 2020 and early 2021, Satori found the second wave of the scheme, which is labeled “Charybdis.”
As the report points out, Scylla stands out by targetting advertising SDKs not just for Android apps but also for iOS apps. Apple’s App Store is known to have a secure line of defense to avoid malicious apps on its store, but Scylla slipped through with 10 iOS apps. 

Delete these iOS apps

While the Satori team confirms that apps have been taken down on both the App Store and Google Play Store, it’s a good idea to see if these apps are still installed on your iPhone. These apps are run-of-the-mill games that you’d typically find on iOS. Here are nine of the known apps:

  • Loot the Castle
  • Run Bridge
  • Shinning Gun
  • Racing Legend 3D
  • Rope Runner
  • Wood Sculptor
  • Fire-Wall
  • Ninja Critical Hit
  • Tony Runs

For a full list of apps both on iOS and Android, check out the full report on HUMAN Security. More apps using the Scylla attack method could pop up, so be sure to keep an eye out for suspicious-looking apps.
Recently, we’ve seen a new malware that stealing credit card and personal data, along with malware stealing passwords and credit card info. To keep yourself secure, check out the best antivirus apps around, and learn what you need to know about adware, ransomware, and spyware. 

Darragh Murphy

Editor

Darragh Murphy is fascinated by all things bizarre, which usually leads to assorted coverage varying from washing machines designed for AirPods to the mischievous world of cyberattacks. Whether it’s connecting Scar from The Lion King to two-factor authentication or turning his love for gadgets into a fabricated rap battle from 8 Mile, he believes there’s always a quirky spin to be made. With a Master’s degree in Magazine Journalism from The University of Sheffield, along with short stints at Kerrang! and Exposed Magazine, Darragh started his career writing about the tech industry at Time Out Dubai and ShortList Dubai, covering everything from the latest iPhone models and Huawei laptops to massive Esports events in the Middle East. Now, he can be found proudly diving into gaming, gadgets, and letting readers know the joys of docking stations for Laptop Mag.  

TECH NEWS RELATED

The 5 worst iPhones of all time

Apple debuted the original iPhone in 2007, and we’ve come a long way, as demonstrated by 2022’s iPhone 14 lineup. There are 38 total iPhones that have come out in 15 years, and more coming with each year that passes. Contents iPhone 4 iPhone 5c iPhone 6 and iPhone 6 ...

View more: The 5 worst iPhones of all time

Samsung Galaxy S23 just tipped to pull further ahead of iPhone 14 Pro with video upgrade

Samsung Galaxy S23 could be the 8K video king of 2023

View more: Samsung Galaxy S23 just tipped to pull further ahead of iPhone 14 Pro with video upgrade

7 Best Ways to Fix Notification Badges Not Showing on iPhone

You can customize notifications on your iPhone, whether it’s a sound, banner, or pop-up. Besides that, you can use the numbered notification badges on the app icons to know if there are any notifications. That’s helpful if you have a Focus mode on. Notification badges can be great if you ...

View more: 7 Best Ways to Fix Notification Badges Not Showing on iPhone

Almost 100 days after launch, iOS 16 is installed in 7 of every 10 iPhone models

Since its launch, iOS 16 has comparatively achieved a higher user base than iOS 15. Almost 100 days after its release on September 12, the latest operating system is in 68,91% of all iPhone models. The information comes from the third-party analytics website Mixpanel. Comparatively, nearly 100 days after its ...

View more: Almost 100 days after launch, iOS 16 is installed in 7 of every 10 iPhone models

The iPhone just got an official deadline to ditch Lightning for USB-C

EU says December 28th, 2024 is when all phones must offer USB-C charging

View more: The iPhone just got an official deadline to ditch Lightning for USB-C

6 Best Fixes for Dolby Atmos Not Working in Apple Music on iPhone

Dolby Atmos is available to enjoy in Apple Music for iPhone users. And with iOS 16, you can use the Personalized Spatial Audio feature for a three-dimensional surround sound experience. But only some users can enjoy the benefits of Dolby Atmos on their iPhone. Some users complain of being unable ...

View more: 6 Best Fixes for Dolby Atmos Not Working in Apple Music on iPhone

iOS 16 Installed on Almost 70% of iPhones Nearly 100 Days After Launch

iOS 16 is installed on almost 70% of compatible devices as the update’s 100-day launch anniversary approaches, according to third-party analytics website Mixpanel. ‌iOS 16‌ was released to the public on September 12, 2022, and was initially doing better than last year’s iOS 15 update regarding how quickly users were ...

View more: iOS 16 Installed on Almost 70% of iPhones Nearly 100 Days After Launch

The iPhone 15 Ultra could be every bit as expensive as we feared

The iPhone 15 Ultra could have an ultra-high price tag

View more: The iPhone 15 Ultra could be every bit as expensive as we feared

iPhone 15 Ultra: what we know so far

iPhone 15 Ultra price might go up to $1,299, leaker claims

Apple's Largest iPhone Supplier Investing $500 Million in India as Supply Chain Diversification Continues

Foxconn ends 'closed loop' at iPhone megafactory in China

Apple Music Sing Karaoke Mode SKIPS These iPhone, iPad Models

Folding MacBook with OLED display reported alongside folding iPhone update

Apple iOS Blocks 16.1, 16.1.1 Downgrades for iPhone Users

After Heated Battle, Genshin Impact Wins Player's Voice at The 2022 Game Awards

Apple Music Sing will only work on selected iPhone and iPad models, even if they have iOS 16.2

How to Disable Cellular Data for Specific Apps on iPhone

Vampire Survivors Announced for iOS and Android

Apple to allow Mac and iPhone owners in Europe to repair their own devices

OTHER TECH NEWS

Top Car News Car News