Digital Media Net - Your Gateway To Digital media Creation. News and information on Digital Video, VR, Animation, Visual Effects, Mac Based media. Post Production, CAD, Sound and Music
Categories: MacNews

HUMAN Discovers and Disrupts Ad Fraud Scheme Impacting 89 Apps with More Than 13 Million Downloads from Google Play and Apple App Stores

Modern defense strategy enables disruption of sophisticated ad fraud operation, part of an ongoing attack with new adaptations designed to target codes and spoofing

NEW YORK–(BUSINESS WIRE)–HUMAN Security, Inc. (formerly White Ops), the global leader in safeguarding enterprises from digital attacks with modern defense, today announced the discovery and disruption of a highly sophisticated fraud operation targeting advertising software development kits (SDKs) within 9 apps on the Apple App Store and 80 Android apps on the Google Play Store, which collectively have been downloaded more than 13 million times. The attack, nicknamed Scylla, is an adaptation of a fraud scheme first observed and disrupted by HUMAN’s Satori Threat Intelligence and Research Team in 2019. While the attack is ongoing and actively being monitored by the Satori team, HUMAN has collaborated with Apple, Google and others to take down the fraudulent apps from their respective app stores.

“Our number one goal is to protect our customers and the digital ecosystem from cybercriminals such as those behind these attacks. The only way we can do this is with modern defense where we can work together across the industry on disruptions like Scylla,” said HUMAN Co-Founder and CEO Tamer Hassan. “We will continue to remain vigilant for other similar attacks and harness the work of collective protection—where an attack on one is a protection event for all—disrupting the economics of cybercrime. That’s the only way we win.”

Scylla is the third wave of an operation HUMAN first uncovered in 2019, in which a collection of 40+ Android apps openly committed multiple types of ad fraud. That scheme, nicknamed Poseidon after elements of the code within the apps, was disrupted by the Satori team’s reverse engineering efforts, resulting in Google removing the apps from its Play Store. A 2020 adaptation of the scheme, nicknamed Charybdis after the daughter of Poseidon, incorporated additional code obfuscation and SDK targeting techniques.

Today’s announcement of the disruption of Scylla—named after the granddaughter of Poseidon—reflects a new evolution from the threat actors behind the scheme. While the Poseidon and Charybdis operations centered wholly on Android apps, the Satori team has found evidence that Scylla additionally targets iOS apps and has expanded the attack to other parts of the digital advertising ecosystem.

HUMAN’s Satori team worked closely with the Google Play Store and Apple App Store to ensure all of the apps identified as being associated with the Scylla operation have been removed from public access. HUMAN also closely collaborated with impacted advertising SDK developers to mitigate the impact of the operation to their processes and their advertising partners. Customers of HUMAN’s MediaGuard solution are protected from fraud associated with Scylla and with its predecessors.

Apps within the Scylla operation committed fraud through a variety of tactics, including:

  • App spoofing, in which the Scylla apps pretended to be other apps for the purpose of digital advertising,
  • Hidden ads, in which the apps would render advertisements in places a user couldn’t actually see them, and
  • Fake clicks, in which the apps would keep track of real clicks on advertisements in order to fake additional clicks later.

These tactics, combined with the obfuscation techniques first observed in the Charybdis operation, demonstrate the increased sophistication of the threat actors behind Scylla. This is an ongoing attack, and users should consult the list of apps in the report and consider removing them from all devices. As this attack has evolved multiple times already, the Satori team has withheld certain details about the operation in order to better track and report on further adaptation.

HUMAN verifies the humanity of more than 15 trillion digital interactions per week, offering enterprises a platform with unmatched visibility into fraudulent activity across the Internet. HUMAN achieves this scale through its continued expansion in cybersecurity, including its recent merger with PerimeterX, now offering a suite of products to protect the complete digital customer journey. With new partners and enterprises now able to leverage the Human Defense Platform, comes an even deeper understanding of the cybercrime landscape, enabling HUMAN to adapt continuously, staying ahead of adversaries with modern defense (leveraging internet visibility, network effect, and disruptions), and safeguarding clients with collective protection against threat models they have yet to encounter.

The Satori team used numerous tools to identify Scylla and its operators, whose information has been shared with law enforcement. To learn more about the Scylla operation, visit the HUMAN blog.

About HUMAN

HUMAN is a cybersecurity company that safeguards 500+ customers from digital attacks including sophisticated bots, fraud and account abuse. We leverage modern defense—internet visibility, network effect, and disruptions—to enable our customers to increase ROI and trust while decreasing end-user friction, data contamination, and cybersecurity exposure. Today we verify the humanity of more than 15 trillion interactions per week across advertising, marketing, e-commerce, government, education and enterprise security, putting us in a position to win against cybercriminals. Protect your digital business with HUMAN. To Know Who’s Real, visit www.humansecurity.com.

Contacts

HUMAN Press Contact:

Ellyn Kirtley

Director of Communications

ellyn.kirtley@humansecurity.com
775.342.7063

Staff

Recent Posts

SHOP BLACK FRIDAY, CYBER MONDAY AND TRAVEL TUESDAY DEALS ON EXPEDIA, HOTELS.COM AND VRBO

The biggest travel sale of the year starts today on Expedia, Hotels.com and Vrbo. Travelers…

2 days ago

Mythical Games and FIFA Team Up to Bring New Football Arcade Game ‘FIFA Rivals’ to Mobile Users Worldwide

Announcement Marks the Next Phase of FIFA’s Expanding Portfolio of Games ‘FIFA Rivals’ will Launch…

2 days ago

TerraMaster Black Friday Offers Up to 25% OFF on NAS

SHENZHEN, China, Nov. 22, 2024 /PRNewswire/ -- From November 21 to December 2, the Black…

2 days ago

Cultural Finance Empowers New Quality Productive Forces in the Greater Bay Area’s Cultural Industry

GUANGZHOU, China, Nov. 22, 2024 /PRNewswire/ -- From November 20 to 22, the 2024 Guangdong-Hong…

2 days ago

GE HealthCare Announces Advanced Imaging Innovations for OEC 3D C-arm to Help Improve Precision Care in Practice of Interventional Pulmonology

To help improve clinician workflow and visualization during endoscopic bronchoscopy procedures, the company has added…

2 days ago

IMMOTION WINS BEST VR AWARD FOR THE GREAT MIGRATION AT WCFF 2024

MONTERREY, Mexico, Nov. 22, 2024 /PRNewswire/ -- IMMOTION, the global leader in immersive edutainment, received…

3 days ago