Security News > 2023 > January > Massive Ad Fraud Scheme Targeted Over 11 Million Devices with 1,700 Spoofed Apps

Researchers have shut down an "Expansive" ad fraud scheme that spoofed more than 1,700 applications from 120 publishers and impacted roughly 11 million devices.

"VASTFLUX was a malvertising attack that injected malicious JavaScript code into digital ad creatives, allowing the fraudsters to stack numerous invisible video ad players behind one another and register ad views," fraud prevention firm HUMAN said.

Should the auction be won, the hijacked ad slot is leveraged to inject rogue JavaScript that establishes contact with a remote server to retrieve the list of apps to be targeted.

The includes the bundle IDs that belong to legitimate apps so as to conduct what's called as an app spoofing attack, in which a fraudulent app passes off as a highly-regarded app in an attempt to trick advertisers into bidding for the ad space.

The takedown of VASTFLUX arrives three months after the disruption of Scylla, a fraud operation targeting advertising software development kits within 80 Android apps and 9 iOS apps published on the official storefronts.

VASTFLUX, which generated over 12 billion bid requests per day at its peak, is only the latest in a stretch of ad fraud botnets that have been shuttered in recent years, after 3ve, PARETO, and Methbot.

News URL

https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html