Ad Fraud
New Android malware uses AI to click on hidden browser ads
A new family of Android click-fraud trojans leverages TensorFlow machine learning models to automatically detect and interact with specific advertisement elements. The mechanism relies on visual analysis based on machine learning instead of predefined JavaScript click routines, and does not involve script-based DOM-level interaction like classic click-fraud trojans. The threat actor is using TensorFlow.js, an open-source […]
GhostPoster attacks hide malicious JavaScript in Firefox addon logos
A new campaign dubbed ‘GhostPoster’ is hiding JavaScript code in the image logo of malicious Firefox extensions with more than 50,000 downloads, to monitor browser activity and plant a backdoor. The malicious code grants operators persistent high-privilege access to the browser, enabling them to hijack affiliate links, inject tracking code, and commit click and ad fraud. […]
Google nukes 224 Android malware apps behind massive ad fraud campaign
A massive Android ad fraud operation dubbed “SlopAds” was disrupted after 224 malicious applications on Google Play were used to generate 2.3 billion ad requests per day. The ad fraud campaign was discovered by HUMAN’s Satori Threat Intelligence team, which reported that the apps were downloaded over 38 million times and employed obfuscation and steganography to conceal the […]
Google sues to disrupt BadBox 2.0 botnet infecting 10 million devices
Google has filed a lawsuit against the anonymous operators of the Android BadBox 2.0 malware botnet, accusing them of running a global ad fraud scheme against the company’s advertising platforms. The BadBox 2.0 malware botnet is a cybercrime operation that utilizes infected Android Open Source Project (AOSP) devices, including smart TVs, streaming boxes, and other connected devices […]
WordPress ad-fraud plugins generated 1.4 billion ad requests per day
A large-scale ad fraud operation called ‘Scallywag’ is monetizing pirating and URL shortening sites through specially crafted WordPress plugins that generate billions of daily fraudulent requests. Scallywag was uncovered by bot and fraud detection firm HUMAN, which mapped a network of 407 domains supporting the operation that peaked at 1.4 billion fraudulent ad requests per […]
Vo1d malware botnet grows to 1.6 million Android TVs worldwide
A new variant of the Vo1d malware botnet has grown to 1,590,299 infected Android TV devices across 226 countries, recruiting devices as part of anonymous proxy server networks. This is according to an investigation by Xlab, which has been tracking the new campaign since last November, reporting that the botnet peaked on January 14, 2025, and […]
Fraud ring pushes 600+ fake web shops via Facebook ads
A malicious fraud campaign dubbed “ERIAKOS” promotes more than 600 fake web shops through Facebook advertisements to steal visitors’ personal and financial information. The sites promote products from well-known brands and include significant discounts to draw in visitors but are only accessible via mobile devices to evade detection by security scanners. Recorded Future discovered the […]