Cybercriminals are once again focusing on Android devices to deceive unsuspecting victims into divulging personal and financial information. Users are advised to promptly uninstall compromised apps linked to a recent scam involving hackers conducting advanced advertising fraud. These hackers inundate apps with malicious advertisements, causing the compromised devices to slow down while boosting their own profits.
The new attack, known as ‘SlopAds’, was discovered by the Satori Threat Intelligence and Research Team. They found that 224 Android apps were impacted by this assault, with over 38 million downloads from the Google Play Store. Security experts revealed that the threat actors behind SlopAds operate a network of apps that employ steganography to conceal their fraud activities and generate fake ad impressions and clicks by directing users to malicious websites they control.
Google has successfully removed all problematic apps to prevent new users from falling victim to ad fraud. Users who may have unwittingly downloaded apps infected with the SlopsAds bug will receive alerts advising them to delete the apps. To prevent future attacks, Android users are encouraged to keep Google’s Play Protect feature active, which notifies users of potentially harmful apps and blocks those exhibiting SlopAds-related behavior.
Ad fraud not only impacts device users but also legitimate advertisers and developers, as hackers manipulate the system to display infected ads. Google emphasizes that ad fraud, in the form of generating fake ad interactions, is detrimental to the mobile advertising ecosystem, causing financial losses and eroding trust among users, developers, and advertisers.
Android users are urged to act promptly by removing any flagged apps to safeguard their devices against such threats.