Edit Reading

Back to List

Basic Information

Title

Please enter a title.

URL

Please enter a valid URL.

Date

カテゴリID

画像ファイル名

統計情報

単語数: 421語

読了回数: 0回

作成日: 2022/09/28 08:58

更新日: 2025/12/09 13:19

本文

Security researchers discovered 85 apps engaged in ad fraud; ten are on the App Store, and the other 75 are on Google Play. Combined, people downloaded them over 13 million times. They’re part of a new ad fraud campaign named “Scylla.”

The information comes from Bleeping Computer. According to the publication, researchers from HUMAN’s Satori Threat Intelligence team found 85 apps available on the App Store and Google Play that flood mobile users with ads – both visible and hidden – or generate revenue by “impersonating legitimate apps and impressions.”

The analysts believe Scylla is the third wave of an operation they found in August 2019 and dubbed ‘Poseidon’. The second wave, apparently from the same threat actor, was called ‘Charybdis’ and culminated towards the end of 2020.

Here are the ten apps found on the iOS App Store that offered adware:

Loot the Castle – com.loot.rcastle.fight.battle (id1602634568)
Run Bridge – com.run.bridge.race (id1584737005)
Shinning Gun – com.shinning.gun.ios (id1588037078)
Racing Legend 3D – com.racing.legend.like (id1589579456)
Rope Runner – com.rope.runner.family (id1614987707)
Wood Sculptor – com.wood.sculptor.cutter (id1603211466)
Fire-Wall – com.fire.wall.poptit (id1540542924)
Ninja Critical Hit – wger.ninjacriticalhit.ios (id1514055403)
Tony Runs – com.TonyRuns.game

According to Bleeping Computer, Satori researchers informed Apple and Google about these apps, and they have been removed from the App Store and Google Play. If by any chance you downloaded one of the apps, the best way to remove the adware is to simply erase the app from your device.

The publication explained a bit more about this malware, which, different from other kinds of viruses, is not exactly harmful to your device – since it only shows you ads – although it can be a door for other malware to infect your phone.

The Scylla apps typically used a bundle ID that doesn’t match their publication name, to make it appear to the advertisers as if the ad clicks/impressions come from a more profitable software category.

HUMAN’s researchers found that 29 Scylla apps imitated up to 6,000 CTV-based apps and regularly cycled through the IDs to evade fraud detection.

You can learn more about these scam apps making its way to the App Store and how these waves of invasion have been occuring for the past three years here.

Apple fails to address App Store review complaints as ‘Authenticator’ developers continue facing copycats
Developer exposes another multimillion dollar scam app on the App Store

Add 9to5Mac to your Google News feed.

FTC: We use income earning auto affiliate links. More.

Check out 9to5Mac on YouTube for more Apple news:

本文を入力してください。

メモ

メモ・感想

キャンセル

Edit Reading

Basic Information

統計情報

本文

メモ

Send Report