HUMAN Discovers and Disrupts Ad Fraud Scheme Impacting 89 Apps with More Than 13 Million Downloads from Google Play...
Modern defense strategy enables disruption of sophisticated ad fraud operation, part of an ongoing attack with new adaptations designed to target codes and spoofing
HUMAN Security, Inc. (formerly White Ops), the global leader in safeguarding enterprises from digital attacks with modern defense, today announced the discovery and disruption of a highly sophisticated fraud operation targeting advertising software development kits (SDKs) within 9 apps on the Apple App Store and 80 Android apps on the Google Play Store, which collectively have been downloaded more than 13 million times. The attack, nicknamed Scylla, is an adaptation of a fraud scheme first observed and disrupted by HUMAN's Satori Threat Intelligence and Research Team in 2019. While the attack is ongoing and actively being monitored by the Satori team, HUMAN has collaborated with Apple, Google and others to take down the fraudulent apps from their respective app stores.
Our number one goal is to protect our customers and the digital ecosystem from cybercriminals such as those behind these attacks. The only way we can do this is with modern defense where we can work together across the industry on disruptions like Scylla, said HUMAN Co-Founder and CEO Tamer Hassan. We will continue to remain vigilant for other similar attacks and harness the work of collective protectionwhere an attack on one is a protection event for alldisrupting the economics of cybercrime. That's the only way we win.
Scylla is the third wave of an operation HUMAN first uncovered in 2019, in which a collection of 40+ Android apps openly committed multiple types of ad fraud. That scheme, nicknamed Poseidon after elements of the code within the apps, was disrupted by the Satori team's reverse engineering efforts, resulting in Google removing the apps from its Play Store. A 2020 adaptation of the scheme, nicknamed Charybdis after the daughter of Poseidon, incorporated additional code obfuscation and SDK targeting techniques.
Continue read on benzinga.com