Android Apps Serve Ghost Ads

Oracle just uncovered a host of ad fraud operations involving hundreds of Android apps infected with malware.

‘DrainerBot’ as the scheme has been dubbed, served ads to ghost users, most of whom burned through their charges or have no data in their phones. The apps, including ‘Clash of Clans’, are popular enough to have been downloaded over 10 million times.
Oracle reports that the apps were developed with malicious software and were distributed by Tapcore.

Tapcore boasts of an ability to help developers to make money from their apps even if users have pirated them. Their software tools are used in more than 3000 apps.
According to the company’s LinkedIn page, even if the company itself is based in the Netherlands, most of the employees are in Ukraine, Latvia, and Russia.

Tapcore’s core sends video ads on mobile to non-existent users on their phones. The ads will come from spoofed domains, but the apps will register them as though they are from legitimate sources.

People who downloaded the apps found they used plenty of data that they could not account for. One person reviewing Perfect365, an app for makeup, wrote that ‘it sometimes consumes a lot of data from the background.’

It is possible that app developers did not know the nature of the software they used. Commenting on the issue, the director of software engineering at Oracle, Chris Tsoufakis said ‘from what we see; it’s possible that developers are simply victims.’
According to Tapcore’s website, the company is due to launch Apple devices’ software soon. As it is, Oracle has only noticed the malicious code on Android.

When Oracle first learned of DrainerBot, they were running routine investigations. The company estimates the scheme to cost consumers over $100 every year in extra charges for data depending on their plan. There are no estimates as to what the scheme may have cost for advertisers.

The news of DrainerBot comes in a time when mobile ad fraud is on the rise. Towards the end of last year, BuzzFeed published an article about other fraud schemes involving 125 Android apps downloaded over 115 million times.

Request a Meeting
Share it via Page 1 Created with Sketch.