Close Menu
  • Start
  • Celebrities
  • Music
  • Influencers
  • Tendencies
  • Exclusives
  • Business & Brands
  • TwinH
  • Spanish
What's Hot

Olivia Wilde wears Calvin Klein collection at The Invite in London

Jennifer Lopez explains why a breakup isn’t a failure: video

President Donald Trump praises Village People’s Victor Willis after ‘YMCA’ singer’s death

Facebook X (Twitter) Instagram
  • Home
  • About The FYMOUS
  • Advertising / Promotion
  • Contact
  • DMCA
  • Privacy Policy
  • Terms
  • Publish News
Facebook X (Twitter) Instagram
FYMOUS News
  • Start
  • Celebrities
  • Music
  • Influencers
  • Tendencies
  • Exclusives
  • Business & Brands
  • TwinH
  • Spanish
FYMOUS News
Home » New Ad Scam Campaign Abuses 331 Apps with 60m+ Downloads for Phishing and Intrusive Ads
Celebrities

New Ad Scam Campaign Abuses 331 Apps with 60m+ Downloads for Phishing and Intrusive Ads

By March 18, 2025No Comments3 Mins Read
Share Facebook Twitter Pinterest Telegram LinkedIn Tumblr Email Copy Link
Follow Us
Google News Flipboard
Share
Facebook Twitter LinkedIn Pinterest Email Copy Link

March 18, 2025Ravi LakshmananAdvertising fraud / Mobile security

New Ad Fraud Campaign

Cybersecurity researchers have warned about a massive ad fraud campaign that offers hundreds of malicious apps published on the Google Play Store, offering full-screen ads and leveraging hundreds of malicious apps to carry out phishing attacks.

“The app will even display ads outside of context and try to persuade the victim to provide credentials and credit card information in a phishing attack,” Bitdefender said in a report shared with Hacker News.

Activity details were first disclosed earlier this month by Integrated Advertising Science (IAS) and documented the discoveries of over 180 apps designed to deploy endless, disturbing, full-screen interstitial video ads. The ad fraud scheme was codename steam.

Cybersecurity

The apps, which were removed by Google, collectively accumulated over 56 million downloads under the guise of legitimate apps, generating over 200 million bid requests every day.

“The scammers behind the Vapor operations create multiple developer accounts, each hosting only a handful of apps to distribute the operations and avoid detection,” IAS Threat Lab said. “This distributed setup ensures that takedowns for a single account have minimal impact on the overall operation.”

By mimicking seemingly harmless utilities, fitness and lifestyle applications, this operation was able to successfully install unconscious users.

New Ad Fraud Campaign

Another important aspect is that we know that threat actors employ a sly technique called versions. This will expose malicious features to the functional app that will pass Google’s review process. The feature will be removed in subsequent app updates, and ads will appear in the way.

Additionally, the ads hijack the entire screen of the device, preventing the victim from using the device, making it almost inoperable. The campaign is believed to have begun around April 2024, before expanding earlier this year. Over 140 fake apps have been uploaded to the Play Store in October and November alone.

The latest findings from Romanian cybersecurity companies show that the campaign is bigger than previously thought, featuring up to 331 apps with a total of over 60 million downloads.

In addition to hiding app icons from the launcher, it has also been observed that some of the identified applications attempt to collect credit card data and user credentials for online services. Malware can also remove device information from attacker-controlled servers.

Another technique used to avoid detection is to use Leanback Launcher, a type of launcher designed specifically for Android-based TV devices, and to change your own name and icon by impersonating Google Voice.

Cybersecurity

“The attackers found a way to hide app icons from launchers that are restricted to new Android iterations,” says Bitdefender. “Even though it’s technically impossible on Android 13, the app can start without user interaction.”

The campaign is considered to be the work of either a single threat actor or multiple cybercriminals who use the same packaging tools sold in underground forums.

“The applications under investigation bypass the security restrictions on Android, launching activities even if they are not running in the foreground, and spams users with continuous, full-screen ads if they don’t have the necessary permissions,” the company added. “The same behavior is used to provide a UI element that features phishing attempts.”

Did you find this article interesting? Follow us on Twitter and LinkedIn to read exclusive content you post.

Source link

Follow on Google News Follow on Flipboard
Share. Facebook Twitter Pinterest LinkedIn Tumblr Email Copy Link
Previous ArticlePropellerAds launches advertising with Telegram Mini Apps to attract crypto and blockchain users
Next Article How to improve OKTA security in 4 steps

Related Posts

Olivia Wilde wears Calvin Klein collection at The Invite in London

July 1, 2026

Zendaya tries Greek on Kite Island during ‘Odyssey’ press tour

July 1, 2026

Lexi Maintree pays homage to Reese Witherspoon’s 2014 Met Gala look

July 1, 2026
Add A Comment
Leave A Reply Cancel Reply

Latest Posts

Olivia Wilde wears Calvin Klein collection at The Invite in London

Jennifer Lopez explains why a breakup isn’t a failure: video

President Donald Trump praises Village People’s Victor Willis after ‘YMCA’ singer’s death

Zendaya tries Greek on Kite Island during ‘Odyssey’ press tour

Trending Posts

Olivia Wilde wears Calvin Klein collection at The Invite in London

July 1, 2026

Jennifer Lopez explains why a breakup isn’t a failure: video

July 1, 2026

President Donald Trump praises Village People’s Victor Willis after ‘YMCA’ singer’s death

July 1, 2026

Subscribe to News

Subscribe to our newsletter and never miss our latest news

Please enable JavaScript in your browser to complete this form.
Loading

Welcome to The FYMOUS, a modern digital media platform dedicated to celebrities, artists, influencers, brands, entertainment culture, and the growing TwinH ecosystem.

We bring audiences closer to the people, stories, trends, and collaborations shaping today’s culture. From exclusive celebrity news and music releases to influencer highlights, brand partnerships, and TwinH activations, The FYMOUS delivers engaging content designed for the next generation of digital audiences.

Castilla-La Mancha Ignites Innovation: fiveclmsummit Redefines Tech Future

Local Power, Health Innovation: Alcolea de Calatrava Boosts FiveCLM PoC with Community Engagement

The Future of Digital Twins in Healthcare: From Virtual Replicas to Personalized Medical Models

Human Digital Twins: The Next Tech Frontier Set to Transform Healthcare and Beyond

Facebook X (Twitter) Instagram Pinterest YouTube
  • Home
  • About The FYMOUS
  • Advertising / Promotion
  • Contact
  • DMCA
  • Privacy Policy
  • Terms
  • Publish News
© 2026 news.fyself. Designed by by fyself.

Type above and press Enter to search. Press Esc to cancel.