In the summer of 2022, Human Security researchers uncovered a massive automated advertising scam that lasted until December. This network, called Vastflux, bought advertising space inside popular applications. Exploiting existing vulnerabilities, network members installed JavaScript malware that triggered when a video ad was viewed, generating 25 additional ads in the background.
Obviously all these advertisements were monetized and Vastflux could thus trigger up to 12 billion requests per day. This fraudulent process was used to infect 1,700 applications and 120 publishers. In total, more than 11 million smartphones have unknowingly participated in the scam.
” Vastflux was an unwanted advertising attack
who inserted malicious JavaScript into their ad creatives
digital, allowing scammers to amass many readers
invisible video advertisers back to back and record
advertising views said Human Security.
Fortunately, last December, the servers hosting the scam were taken offline, putting an end to this particular problem. On the other hand, other scams, often related to Poseidon, continue to operate and are regularly detected.
#Massive #advertising #fraud #discovered
0 Comments