App Spoofing Ad Fraud Affects 11 Million Devices
Over 1,700 Apps Used in the Campaign.
An “expansive” adware operation that spoofs over 1,700 apps from 120 publishers and affects around 11 million devices has been stopped by researchers.
Details on the Malicious Campaign
The operation gets its name from the DNS evasion technique it uses, called Fast Flux, and VAST, a Digital Video Ad serving template used to deploy ads to videos.
In order to carry out an app spoofing attack, in which a fraudulent app poses as a well-known app in an effort to dupe advertisers into bidding for the ad space, the ad includes bundle IDs of legitimate apps. The threat actors’ objective was to stack 25 video ads atop one another and register views for revenues. New ads keep loading until the ad slot is closed.
VASTFLUX, which peaked at over 12 billion bid requests per day, is just the most recent in a line of ad fraud botnets to be taken down in recent years, including Methbot, PARETO, and 3ve.
If you liked this article, follow us on LinkedIn, Twitter, Facebook, Youtube, and Instagram for more cybersecurity news and topics.