Google Promised Free Shoe But Users Got Malware, How True Is That?

ZDNET SECURITY  
Google Play apps promised free shoes, but users got ad fraud malware instead
White Ops discovers a collection of Android apps that installed a hidden browser to load ad-heavy pages and commit ad fraud.

By Catalin Cimpanu for Zero Day | August 30, 2020 -- 12:14 GMT (05:14 PDT) | Topic: Security

Image: White Ops, ZDNet
Google has removed 56 Android applications from the official Google Play Store that the company says were part of an ad fraud botnet.

Named Terracotta, this botnet was discovered by White Ops, a security firm specialized in identifying bot behavior.

White Ops researchers said they've been tracking Terracotta since late 2019 when the botnet seems to have become active.

Install a malicious app for a free product

Per the researchers, Terracotta operated by uploading apps on the Google Play Store that promised users free perks if they installed the applications on their devices.

The apps usually offered free shoes, sneakers, boots, and sometimes tickets, coupons, and expensive dental treatments. Users were told to install the app and then wait two weeks to receive the free products, during which time they had to leave the app installed on their smartphone.

However, the apps downloaded and ran a modified version of WebView, a slimmed-down version of Google Chrome. The Terracotta gang launched the modified WebView browser, hidden from the user's view, and performed ad fraud by loading ads and gaining revenue from fake ad impressions.

The White Ops team described Terracotta as both complex and massive. It was complex because it used advanced techniques to avoid detection from the defrauded ad networks, and was massive because of the scale at which it operated.

For example, White Ops said that in the final week of June alone, the Terracotta botnet silently loaded more than two billion ads inside 65,000 infected smartphones alone.

Some Terracotta apps have been removed from Google Play

Currently, after Google's intervention, the botnet's presence on the Play Store has been reduced, but not removed altogether, with some devices still appearing to be infected.

Bid request volumes as a result of Play Store enforcement

Image: White Ops
Some users might think that because the malicious Terracotta apps were defrauding ad networks and not the users directly, this botnet might not be a problem for them, but, on infected devices, the malicious apps would often wear out batteries and consume mobile bandwidth traffic due to the fact the malicious apps are running around the clock.

A list of Terracotta-infected apps is available in this PDF file.

These apps have been taken down from the Play Store and Google has disabled them on all users' devices, stopping their malicious behavior.

"Due to our collaboration with White Ops investigating the TERRACOTTA ad fraud operation, their critical findings helped us connect the case to a previously-found set of mobile apps and to identify additional bad apps. This allowed us to move quickly to protect users, advertisers, and the broader ecosystem – when we determine policy violations, we take action," a Google spokesperson said.

For security researchers, Android app developers, and software engineers, White Ops has published an in-depth technical report detailing Terracotta's inner-workings
Try Amazon Music Unlimited Free Trial Amazon FreeTime Unlimited Free Trial [caption width="250"]NEED JOB? CLICK IMAGE ABOVE!!![/caption] Johnnyblue1Entertainments.com(THIS SITE) May receive financial compensation for products/services purchased through affiliate links on this site. Shop Amazon - Create an Amazon Baby Registry [caption width="1024"]Sign up and Earn 25 dollars[/caption] Kindle Unlimited Membership Plans [caption width="1024"]ADVERTISE YOUR BUSINESS or BRAND WITH ADSTERRA TO REACH MILLIONS OF PEOPLE[/caption] [caption width="800"]Johnnyblue1 TV [/caption] SUBSCRIBE TO OUR YOUTUBE CHANNEL HERE [caption width="300"]Order From Amazon. The Biggest Online Store On The Planet[/caption] ==>>https://amzn.to/2DK3O6p GET THE BEST E-BOOK FOR ANYONE IN THE HOSPITALITY INDUSTRY. OVER 200 TRAINING MANUALS CLICK HERE TO GET IT==>>https://bit.ly/2Fjt8AN WooCommerce Jetpack Crowdsignal WATCH All Your Favorite Amazon Movies
BEST VIDEO GAMES ON AMAZON CHAT WITH US HERE==>> https://wa.me/2348143982023 BEST MOVIES FROM AMAZON Favorite Movies on Amazon q
[caption width="800"]Watch - Refer And Earn Cash From Watching Youtube Videos[/caption] [caption width="512"]Earn Money By Watching YouTube Videos[/caption] Try Amazon Prime 30-Day Free Trial Give the Gift of Amazon Prime

Comments

Post a Comment

Popular posts from this blog

The Best Ever Ultimate Ketogenic Meal Plan For All

Image
GET THIS NOW   The Ultimate Keto Meal Plan CLICK TO WATCH IT HERE  ==> https://bit.ly/3SsuvQV   ==>> https://www.claudiacaldwell.com/oto-uf61a?el=splittest-1214-bradflow-control#aff=onestopghana If you leave this page you   WON'T   get your: 30-Day Keto Meal Plan Complete Keto Food List 77 Keto Dessert Recipes ​100 Keto Carb Recipes This Is The NEW #1 Conversion  MONSTER  On Digistore24. A KETOGENIC MEAL PLAN OFFER THAT'S PROVEN TO MAKE 8-FIGURES AND MORE We've reached  #1 on the DS24 marketplace  only 7 hours after our launch.  Is this the  STRONGEST  offer ever? Copy our  EXACT  1:1 Facebook Ad Strategy That Has Racked In Over $13,000,000... Created And Improved By Industry Titans That Have Spent Over 120 Million In Paid Traffic.  Here Are 6 Reasons Why You Should Promote This Offer...   1. CRAZIEST PAYOUTS IN THE INDUSTRY:   This may sound so good you want to pinch yourself, but it is indeed true. No other affiliate program can match the level of crazy payouts l
Please Continue Here »

50 MOST VALUABLE BEST PRODUCTS & MATERIALS ONLINE

Image
  CLICK HERE TO GET IT  ==> https://bit.ly/3SsuvQV The Ultimate Keto Meal Plan⚡️ Make $37 AOV With A $1 Sale This Is The NEW #1 Conversion MONSTER On Digistore24. A KETOGENIC MEAL PLAN OFFER THAT'S PROVEN TO MAKE 8-FIGURES AND MORE We've reached #1 on the DS24 marketplace only 7 hours after our launch. Is this the STRONGEST offer ever? Copy our EXACT 1:1 Facebook Ad Strategy That Has Racked In Over $13,000,000... 1 ==>> https://www.claudiacaldwell.com/oto-uf61a?el=splittest-1214-bradflow-control#aff=onestopghana CLICK HERE TO GET IT 2- https://www.bygeniescript.com/fb/index-both-a.html#aff=onestopghana 3- https://www.digistore24.com/redir/299134/onestopghana/ 4- https://getaizenpower24.com/start/index.php#aff=onestopghana 5- https://homedoctorbook.com/book/#aff=onestopghana 6- https://lotterydefeater.com/video.php#aff=onestopghana 7- https://www.digistore24.com/redir/325658/onestopghana/ 8- https://primalgrowpro24.com/text.php#aff=onestopghana 9- https://www.digist
Please Continue Here »

THE MAYFLOWER INN, A BOUTIQUE HOTEL IN ACCRA, KWABENYA

Image
Property Information The Mayflower Inn is a jewel of freedom & relaxation, offering a peaceful, comfortable and memorable experience situated in a quiet residential suburb just 25 minutes outside the hustle and bustle of central Accra, @mayflowerinngh https://drive.google.com/file/d/1_k7qPQg0hbIATA0wHCXZbKwZuDzMNvbs/view?usp=drive_link and 35 minutes from the main port of entry.  The Mayflower Inn offers eight fully serviced en suites bedrooms, with your option of top-quality comfortable King, Queen, Full and Double twin size beds with amenities and double full-size beds. A quiet, homely Inn well situated for all - the weary business person, group travellers or families. Property Name: The Mayflower Inn Street Address: Circle Link City : Kwabenya, Accra - Greater Accra Contact Name: Adelaide Quarshie Phone: +233 302453098 Email: hello@mayflowerinngh.com The Mayflower Inn Amenities Laundry service Meeting rooms Room service 24-hour front desk 24-hour security Air
Please Continue Here »