Today, internet advertising has become a multi-billion dollar industry and countless players are struggling to get a slice of the pie. It is stated that the autonomous class, which displays advertisements according to the habits of the user, has reached 418 billion dollars. Attackers do not miss this opportunity.The world’s largest scam ad network
Discovered by Human Security while normally working on a different cyber threat, the Vastflux scam ad network may be the most complex and largest ever seen. It is stated that the attack affected 11 million phones in total, spread to 1700 applications and victimized 120 ad publishers. 12 billion ad requests are generated daily.
How does Vastflux work? Attackers first participate in the sale of advertising spaces of popular applications or sites and buy these spaces by winning the auction. This means that it receives money from the ads that run.
Normally, 1 ad is shown in a given space in a given time. However, Vastflux can show 25 ads in this time with special JS codes. These overlapping video ads are sent to the system again as 25 requests. In other words, while the user sees 1 ad, 25 ads are actually played. When the ad ends, the code is deleted and leaves no trace.
Vastflux, which is mostly effective on iOS devices and then Android devices, has earned millions of dollars in unfair profits. In addition, advertisers suffered losses and users’ battery life was also reduced.
The good news is that the Vastflux network was discovered late last summer, curtailing its activities and shutting it down in December. The bad news is it is unknown how many more such sophisticated scam ad networks exist, and Vastflux may be operating in another way. Unfortunately, there is not much that can be done on the end user side. The structure behind the Vastflux network is still being traced.
19321
