Huge Ad Fraud Operation Targeting 1700 iOS Apps Disrupted By Security Researchers

Security researchers have brought to light a shocking new ad fraud operation that they were able to crack down against.

The mega malicious scheme entailed nearly 1700 different iOS apps that arose from 120 publishers. Most of them were linked to iOS and had become disrupted thanks to security researchers located at the cybersecurity firm called HUMAN.

The name of this particular operation was taken from an ad-serving template design and another evasion technique called fast flux. This is used to hide malicious codes by swiftly altering a vast number of different IP addresses as well as DNS records linked to one domain.

As per the new report by HUMANSecurity, this Vastflux was able to produce around 12 billion requests of bids in a day and that’s quite the peak. This was seen impacting a staggering 11 million devices across the entire Apple system.

Similarly, the researchers started highlighting some more details about Vastflux, including investigating another ad fraud scheme linked to one application producing huge requests thanks to various other app IDs.

Thanks to the assistance of reverse engineering, this particular JavaScript used to run this app showed how there was a certain command and control IP address for communication. It was also producing plenty of commands linked to ad generation. This team ended up piecing a huge malvertising campaign where bad actors simply added JavaScript through the likes of ad creatives that were sent out. They then added some video players over it and got paid for ads despite them being visible to the public that used such devices.

Vastflux even had the likes of several means in place to evade its detection and that includes preventing the use of verification for ad tags. This enables marketers to produce some performance metrics. By keeping this to the side, the scheme was disguised as several ad trackers owned by third parties.

Ad fraud such as this one does not directly have an impact on the likes of users on the platform. But after a drop in performance, it even enhances battery and internet consumption and ends up overheating your device.

There are some common signs of infections linked to adware and ad fraud on devices. Therefore, all users should be aware of and treat such threats seriously while highlighting those apps accounting for such ordeals.

Read next: New Alert Issued Against Android App That Tricks Users Into Visiting Malicious Websites
Previous Post Next Post