Dozens of popular apps have been removed from Google's Play Store and Apple's App Store for alleged ad fraud. Despite multiple checks and balances employed by Google and Apple, malicious apps on the app stores are nothing new. Android has been especially vulnerable to malware over the years, with rogue developers often seeding malicious software by taking advantage of the platform's relatively open nature. For example, earlier this year, Google removed six fake Android antivirus apps from the Play Store after they were found to be spreading a dangerous banking malware dubbed 'Sharkbot.'SCREENRANT VIDEO OF THE DAY
While Apple's ecosystem is considered relatively safer due to its closed nature, the App Store has also often unwittingly offered a safe harbor to dangerous apps. Last month, security researcher Alex Kleber discovered seven malware apps on the Mac App Store. The apps were reportedly created by the same cyber-crime group in China and included seemingly innocuous offerings, such as PDF readers, screen recorders, video players, etc. Apple removed the apps after being notified by the researcher, but the incident proves that no app store is safe from malicious developers.
Related: Mobile Malware And Phishing Scams Are Huge In 2022 — Here's How To Stay Safe
Cybersecurity researchers at Satori Threat Intelligence and Research Team have identified dozens of apps on the Google Play Store and Apple's App Store as malware that commit ad fraud as part of a convoluted operation dubbed 'Scylla' (pronounced sill-uh). According to the report, more than 75 Android apps and 10 iOS apps committed different types of ad fraud and profited through out-of-context and hidden ads, as well as fake clicks. These apps are said to have collectively garnered 13+ million downloads before Google and Apple took them down following Satori's report.
Adware On iPhones
According to Satori, Scylla is the third wave of an attack that was initially reported in 2019. Called 'Poseidon,' the original malware was detected in more than 40 apps that were found to be committing ad fraud and were subsequently removed from the Google Play Store. The second wave, which Satori calls 'Charybdis' (pronounced kuh-rib-dis), happened in 2020. The latest version of the malware reportedly uses "new tactics and techniques" that the researchers say help the cyber-criminals better cover their tracks.
While the rogue apps have been removed from the Play Store and the App Store, they have been installed by millions of people around the world, meaning the malware still exists on millions of devices. Users concerned about the malware should check whether they have any of the following rogue apps installed on the phone. If found, the app should be deleted immediately. The list of known fraudulent apps with the Scylla malware includes Loot the Castle, Run Bridge, Shinning Gun, Racing Legend 3D, Rope Runner, Wood Sculptor, Fire-Wall, Ninja Critical Hit and Tony Runs.
Source: Human Security