Saturday, June 22, 2024

8 Popular apps With More Than 2 Billion Downloads Caught in Massive Ad Fraud Scheme

Eight apps in Google play with more than 2 billion downloads caught abusing user permissions to generate ad revenue.

Among the eight apps such as malicious apps, seven apps owned a Chinese company called company Cheetah Mobile and another app owned by Kika Tech, a Chinese based company.

According to BuzzFeed News report the ad fraud scheme tracked the user behavior in dozens of an Android app and generate a fake revenue, Google estimated the loss close to $10 million stolen from it and their ad partners by generating fake traffic.

Kochava uncovered the fraud scheme, according to their analytics report, both the Cheetah and Kika company apps tracked users when they are downloaded new apps and use their to claim the credit, this process called as click flooding and click injection.

Following are the apps involved in the ad fraud scheme

Clean Master
Security Master
CM Launcher 3D
Kika Keyboard
Battery Doctor
Cheetah Keyboard
CM Locker
CM File Manager

Credits: BuzzFeed News

Ad Fraud Scheme – Eight apps

These apps by having the permission to monitor new app install, the Cheetah apps look for new installation as soon as they detect the new downloads the Cheetah app looks for the active bounties for the downloaded app.

Credits: BuzzFeed News

Then the Cheetah apps will send fake click with relevant attribution for app installation and gain the bounty, even though the app not played any role in the installation, which is referred to as click injection.

Simmons from Kochava said the apps from Cheetah are programmed to open the newly downloaded apps without user consent, this function added to Cheetah apps in order to increase the possibility of getting credits.

The Kika Keyboard executes both the click flooding and clicks injection. It also listens for the user searches for the app in the play store when the keyboard is active.

Now the Battery Doctor and CM Locker apps are removed from the Play store.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Millions of PornHub Users Hijacked by ad Fraud Malware Infections

Cyber Criminal’s Earn $5 Million Daily By Fraudulent Video Ad “Methbot”- A Shocking Report


Latest articles

PrestaShop Website Under Injection Attack Via Facebook Module

A critical vulnerability has been discovered in the "Facebook" module (pkfacebook) from for...

Beware Of Illegal OTT Platforms That Exposes Sensitive Personal Information

A recent rise in data breaches from illegal Chinese OTT platforms exposes that user...

Beware Of Zergeca Botnet with Advanced Scanning & Persistence Features

A new botnet named Zergeca has emerged, showcasing advanced capabilities that set it apart...

Mailcow Mail Server Vulnerability Let Attackers Execute Remote Code

Two critical vulnerabilities (CVE-2024-31204 and CVE-2024-30270) affecting Mailcow versions before 2024-04 allow attackers to...

Hackers Attacking Vaults, Buckets, And Secrets To Steal Data

Hackers target vaults, buckets, and secrets to access some of the most classified and...

Hackers Weaponizing Windows Shortcut Files for Phishing

LNK files, a shortcut file type in Windows OS, provide easy access to programs,...

New Highly Evasive SquidLoader Attacking Employees Mimic As Word Document

Researchers discovered a new malware loader named SquidLoader targeting Chinese organizations, which arrives as...
Guru baran
Guru baran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Free Webinar

API Vulnerability Scanning

71% of the internet traffic comes from APIs so APIs have become soft targets for hackers.Securing APIs is a simple workflow provided you find API specific vulnerabilities and protect them.In the upcoming webinar, join Vivek Gopalan, VP of Products at Indusface as he takes you through the fundamentals of API vulnerability scanning..
Key takeaways include:

  • Scan API endpoints for OWASP API Top 10 vulnerabilities
  • Perform API penetration testing for business logic vulnerabilities
  • Prioritize the most critical vulnerabilities with AcuRisQ
  • Workflow automation for this entire process

Related Articles