43 Android apps in Google Play with 2.5M installs loaded ads when a phone screen was off - Security Affairs

Experts found 43 Android apps in Google Play with 2.5 million installs that displayed advertisements while a phone’s screen was off.

Recently, researchers from McAfee’s Mobile Research Team discovered 43 Android apps in Google Play with 2.5 million installs that loaded advertisements while a phone’s screen was off.

The experts pointed out that this behavior violates Google Play Developer policy. It impacts the advertisers, who pay for ads that will never be displayed to users, and also the users, because it drains battery, consumes data, and exposes them to multiple risks, including information leaks and disruption of user profiling caused by Clicker behavior.

The malicious apps include TV/DMB players, music downloaders, news apps, and calendar applications.


The Ad Fraud campaign uncovered by McAfee targeted mainly Korean Android users.

According to the report, the ad fraud library used in this campaign implements specific tricks to avoid detection and inspection, such as delaying the initiation of its fraudulent activities.

“It deliberately delays the initiation of its fraudulent activities, creating a latent period from the time of installation. What’s more, all the intricate configurations of this library can be remotely modified and pushed using Firebase Storage or Messaging service. These factors significantly add to the complexity of identifying and analyzing this fraudulent behavior.” reads the report. “Notably, the latent period typically spans several weeks, which makes it challenging to detect.”

After the latent period, the rogue apps start fetching and loading ads when the device screen is turned off, so users never know that their devices are involved in this fraudulent scheme. The ad library registers device information by accessing the unique domain (e.g., mppado.oooocooo.com) linked with the application. The app then retrieves the specific advertisement URL from Firebase Storage and shows the ads.

However, quickly turning on the
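
A defender's view of the behavior described above, as an added example that is not taken from McAfee's report or the original article: it correlates screen state with ad requests per app and reports the delay between install and the first ad request. The event format, package names, hosts and thresholds are constructed assumptions.

```python
from collections import defaultdict

DAY = 86400
# Constructed sample timeline (seconds since install), not real telemetry.
# ("screen", ts, "on"|"off") or ("net", ts, package, host)
EVENTS = [
    ("screen", 0, "on"),
    ("net", 600, "com.example.news", "ads.example.net"),
    ("net", 900, "com.example.news", "ads.example.net"),
    ("screen", 1000, "off"),
    ("screen", 21 * DAY, "on"),
    ("net", 21 * DAY + 60, "com.example.news", "ads.example.net"),
    ("screen", 21 * DAY + 120, "off"),
    ("net", 21 * DAY + 300, "com.example.dmbplayer", "ads.example.net"),
    ("net", 21 * DAY + 360, "com.example.dmbplayer", "ads.example.net"),
    ("net", 21 * DAY + 420, "com.example.dmbplayer", "ads.example.net"),
    ("net", 21 * DAY + 480, "com.example.dmbplayer", "ads.example.net"),
    ("net", 21 * DAY + 500, "com.example.dmbplayer", "api.example.org"),
]
AD_HOSTS = {"ads.example.net"}  # hypothetical ad-serving host
INSTALLS = {"com.example.dmbplayer": 0, "com.example.news": 0}  # install times


def screen_off_ad_report(events, installs, ad_hosts, min_requests=3, threshold=0.8):
    """Per app: share of ad requests made with the screen off, and the
    latent period (days from install to first ad request)."""
    screen_on = True  # assumption: screen state is 'on' until the first event
    stats = defaultdict(lambda: {"total": 0, "off": 0, "first": None})
    for ev in sorted(events, key=lambda e: e[1]):
        if ev[0] == "screen":
            screen_on = ev[2] == "on"
        elif ev[0] == "net" and ev[3] in ad_hosts:
            s = stats[ev[2]]
            s["total"] += 1
            s["off"] += 0 if screen_on else 1
            if s["first"] is None:
                s["first"] = ev[1]
    report = {}
    for pkg, s in stats.items():
        ratio = s["off"] / s["total"]
        latent = (s["first"] - installs.get(pkg, s["first"])) / DAY
        # Flag only with enough samples, so one background request is not a hit.
        flagged = s["total"] >= min_requests and ratio >= threshold
        report[pkg] = {"off_ratio": ratio, "latent_days": latent, "flagged": flagged}
    return report


if __name__ == "__main__":
    for pkg, row in screen_off_ad_report(EVENTS, INSTALLS, AD_HOSTS).items():
        print(pkg, row)
```

A long latent period combined with a high screen-off ratio is what distinguishes the pattern; either signal alone is weak evidence.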


Google addressed 3 actively exploited flaws in Android - Security Affairs

Google released July security updates for Android that addressed tens of vulnerabilities, including three actively exploited flaws.

July security updates for Android addressed more than 40 vulnerabilities, including three flaws that were actively exploited in targeted attacks.

“There are indications that the following may be under limited, targeted exploitation.” reads the security bulletin.

CVE-2023-26083 is an Arm Mali GPU kernel driver information disclosure vulnerability that the US CISA added to its Known Exploited Vulnerabilities catalog in April 2023.

CVE-2023-26083 is chained with other issues to install commercial spyware, as reported by Google’s Threat Analysis Group (TAG) in a recent report.

The second actively exploited flaw addressed by Google is a high-severity issue, tracked as CVE-2021-29256, that affects specific versions of the Bifrost and Midgard Arm Mali GPU kernel drivers. An unprivileged user can exploit the flaw to gain unauthorized access to sensitive data and escalate privileges to root.

The third actively exploited flaw is a critical integer overflow in Skia, Google’s open-source multi-platform 2D graphics library. The flaw was reported by Clément Lecigne of Google’s Threat Analysis Group on 2023-04-12.

A remote attacker who has taken over the renderer process can trigger the flaw to escape the sandbox and execute arbitrary code on Android devices.

Google released two patch levels. The first, released on July 1, addressed 22 vulnerabilities in the Framework and System components.

The second patch level, released on July 5, fixed 20 vulnerabilities in the kernel and closed-source components.


Pierluigi Paganini

(SecurityAffairs – hacking, Android)




