A network of more than 125 rogue websites and Android apps has tracked the behavior of millions of users and defrauded millions of dollars with ad revenue. Google confirmed this after BuzzFeed News wrote about it.
BuzzFeed News concluded based on its own research that there were all kinds of apps that used Google’s mobile advertising network. It involved a botnet called TechSnab that generated fake internet traffic. Using real-looking, rogue apps downloaded by millions of users, the fraudsters studied user behavior and created bots that mimicked the behavior of real users, allowing them to evade detection.
The fake traffic generated views, resulting in revenue. Hundreds of millions of dollars may have been stolen from various brands, whose ads are only shown to bots instead of real users. Google currently thinks that it concerns less than 10 million dollars in fraud that can be related to its own advertising platform. According to the company, most of the ads placed in the affected apps and websites came from other major advertising platforms.
BuzzFeed News reports based on data from the AppBrain service that the identified apps have been installed more than 115 million times on Android phones. This includes game apps, but also apps for a flashlight function or taking selfies. One of the rogue apps, EverythingMe, has been installed over 20 million times.
Google says it has removed a total of more than 30 apps from the Play Store, based on a list of rogue apps and websites provided by BuzzFeed News. Multiple publisher accounts would also have been removed from the ad networks. Google says it is currently conducting further investigations into the network of fraudulent advertisements. The company is said to have removed ten apps from the network before BuzzFeed News notified Google.