Security experts from HUMAN, a cybersecurity firm based in the United States, spotted 85 apps that engaged in mobile ad fraud, 75 on Google’s Play Store and 10 apps on Apple’s App Store, as reported by Bleeping Computer.
The company’s Satori Threat Intelligence and Research Team team, which made the discovery, named the ad fraud campaign ”Scylla”. They said that the apps had 13 million downloads in total, generated revenue by showing visible and invisible ads, and using codes to trick the app stores by pretending to be other apps with the aim of getting more ads to show. They also faked the number of clicks their ads got, according to the report.
Here are some of the iOS apps that were included in the report:
- Loot the Castle – com.loot.rcastle.fight.battle
- Run Bridge – com.run.bridge.race
- Shinning Gun – com.shinning.gun.ios
- Racing Legend 3D – com.racing.legend.like
- Rope Runner – com.rope.runner.family
- Wood Sculptor – com.wood.sculptor.cutter
- Fire-Wall – com.fire.wall.poptit
- Ninja Critical Hit – wger.ninjacriticalhit.ios
- Tony Runs – com.TonyRuns.game
And here are some of the Android apps that had over 1 million installs:
- Super Hero – Save the world! – com.asuper.man.playmilk
- Arrow Coins – com.arrow.coins.funny
- Magic Brush 3D – com.magic.brush.gamesly
- Spot 10 Differences – com.different.ten.spotgames
- One Line Drawing – com.one.line.drawing.stroke.yuxi
- Shoot Master – com.shooter.master.bullet.puzzle.huahong
- Talent Trap – NEW – com.talent.trap.stop.all
- Find 5 Differences – com.find.five.subtle.differences.spot.new
- Dinosaur Legend – com.huluwagames.dinosaur.legend.play
The company said that the Satori team reported its findings to Apple and Google and all of the apps were removed from their app stores.