Eight apps in Google play with more than 2 billion downloads caught abusing user permissions to generate ad revenue.
Among the eight apps such as malicious apps, seven apps owned a Chinese company called company Cheetah Mobile and another app owned by Kika Tech, a Chinese based company.
According to BuzzFeed News report the ad fraud scheme tracked the user behavior in dozens of an Android app and generate a fake revenue, Google estimated the loss close to $10 million stolen from it and their ad partners by generating fake traffic.
Kochava uncovered the fraud scheme, according to their analytics report, both the Cheetah and Kika company apps tracked users when they are downloaded new apps and use their to claim the credit, this process called as click flooding and click injection.
Following are the apps involved in the ad fraud scheme
Clean Master
Security Master
CM Launcher 3D
Kika Keyboard
Battery Doctor
Cheetah Keyboard
CM Locker
CM File Manager
These apps by having the permission to monitor new app install, the Cheetah apps look for new installation as soon as they detect the new downloads the Cheetah app looks for the active bounties for the downloaded app.
Then the Cheetah apps will send fake click with relevant attribution for app installation and gain the bounty, even though the app not played any role in the installation, which is referred to as click injection.
Simmons from Kochava said the apps from Cheetah are programmed to open the newly downloaded apps without user consent, this function added to Cheetah apps in order to increase the possibility of getting credits.
The Kika Keyboard executes both the click flooding and clicks injection. It also listens for the user searches for the app in the play store when the keyboard is active.
Now the Battery Doctor and CM Locker apps are removed from the Play store.
You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.
Millions of PornHub Users Hijacked by ad Fraud Malware Infections
Cyber Criminal’s Earn $5 Million Daily By Fraudulent Video Ad “Methbot”- A Shocking Report
Kubernetes (K8s) is an open-source container orchestration platform designed to automate application container deployment, scaling, and running. Containers are isolated…
Microsoft's Azure platform is a highly acclaimed and widely recognized solution that organizations worldwide are leveraging. It is regarded as…
The first instance of Redline using such a method is in a new variant of Redline Stealer malware that McAfee…
A threat actor reportedly sells a database containing 49 million user records from Dell, one of the world's leading technology…
A safe and trusted Google Play experience is our top priority. We leverage our SAFE (see below) principles to provide…
BlackBerry reported a new iOS LightSpy malware, but Huntress researchers found it to be a macOS variant targeting Intel or…