A large-scale Android ad fraud operation named “SlopAds” involved 224 malicious apps on Google Play, generating 2.3 billion ad requests daily. The campaign utilized sophisticated evasion methods like steganography and remote configuration to conceal malicious activities from security tools. #SlopAds #FatModule
Keypoints
- The SlopAds campaign affected over 38 million users worldwide across 228 countries.
- The malicious apps used obfuscation techniques and steganography to hide malware components.
- The campaign’s infrastructure included numerous command-and-control servers and promotional domains.
- Google has removed all known malicious apps, and Play Protect now warns users about potential threats.
- Threat actors plan to expand the operation, indicating ongoing risks of ad fraud schemes.