Massive Android ad fraud scam drains your phone battery and lets advertisers make money by running hidden video ads, report finds
- Scammers put auto-play ads in Android apps that quietly run in the background
- In total, experts say it led to about 60 million fraudulent video ads per month
- Many of the apps that had bad in-app ads ran on Twitter’s MoPub ad platform
A new report has uncovered a massive advertising fraud scheme that made scammers serious cash, fooled marketing companies and killed users’ smartphone batteries.
The scheme operated via fake banner advertisements that were secretly hidden behind legitimate banner ads in Android apps, according to BuzzFeed News.
This scam was previously spotted by at least two ad fraud detection firms, Protected Media and online media verification firm DoubleVerify’s ad fraud lab.
Scroll down for video
A new report has uncovered a massive advertising fraud scheme that let made scammers serious cash, fooled marketing companies and killed users’ smartphone batteries
Fraudsters were able to hijack in-app ads in apps using Twitter’s MoPub ad platform.
App developers say they’ve received complaints of their apps draining consumers’ phone batteries, BuzzFeed said, but they often can’t explain the source of the battery drain.
Meanwhile, fraudsters rake in cash as their fake ads auto-play in the apps.
The ads aren’t actually seen by anyone, as they’re hid behind real ads, but the scammers still end up making money off of ad views.
Brands end up losing out on money because they purchase the ad spots thinking they’ll be placed as a normal ad in an app, only for it to be hidden out of view.
In total, the scheme is said to have led to the creation of 60 million fraudulent video ads per month, according to DoubleVerify.
The scam, explained in the above graphic, was first spotted by at least two ad fraud detection firms, Protected Media and online media verification firm DoubleVerify’s ad fraud lab
Video advertising solutions company Aniview and its subsidiary OutStream Media were identified as being part of the scheme.
Aniview denied any involvement, saying its systems were ‘exploited’ by a bad actor, according to BuzzFeed.
Consumers end up bearing the brunt of the ad-fraud scheme as fake ads auto-play in Android apps that drain their phone battery
‘BuzzFeed brought to our attention that there is an abuse activity, as an immediate action, we stopped this activity and started and continue an internal incident review,’ Aniview CEO Alon Carmel told the site.
‘…To be crystal clear, another customer on Aniview’s [self-serve] platform used this player and is responsible for this activity and we took actions immediately to stop this activity.
‘We are fighting against bad activities, pushing and focus on clean and legit activities and should not be blamed or framed for bad use of our platform,’ he added.
Protected Media claims Aniview is one of several other ad tech companies that have participated in these types of illegal ad schemes.
‘Fraudsters are purchasing cheap in-app display inventory and are filling it with multiple video players behind innocuous fake branded display ads,’ Asaf Greiner, CEO of Protected Media, told BuzzFeed.
A report from DoubleVerify also breaks down exactly how the ad fraud scheme works.
‘Bad actors are seeking to maximize revenue and profits by stuffing multiple players into the ad slot, intentionally using incorrectly-sized players, and/or using hidden players – practices that are decidedly fraudulent,’ the firm explained.
This is just the latest example of this kind of ad fraud scheme.
Last November, Google and the FBI busted a major ad-fraud operation that hijacked almost two million devices.
The scam was detailed in a 13-count indictment that brought charges against eight people surrounding their involvement in a digital advertising fraud scheme referred to as ‘3ve’ and Methbot.
WHAT ARE 3VE AND METHBOT?
Methbot was a sprawling advertising fraud scheme.
It involved scammers collecting false clicks on ad campaigns by linking them to false IP addresses.
The operation netted the scammers as much as $5 million a day.
Security vendor WhiteOps eventually shut the scheme down in 2016.
Similarly, 3ve was an ad fraud operation that distributed malware on millions of devices to generate fake clicks on ad campaigns.
Scammers infected some 2 million devices and created 60,000 fake accounts with digital ad companies.
It raked in an alleged $29 million.