Researchers from Oracle observed a new Ad fraud campaign dubbed ‘DrainerBot’ which plays ad videos in Android devices via infected apps. The DrainerBot ad fraud scheme uses malicious codes in Android apps to deliver ad videos to mobile devices that have installed the infected apps. The ad fraud scheme has been distributed via infected Android applications that have almost 10 million downloads.
Invisible ad videos
The delivered ad videos do not appear onscreen in the apps and are invisible to users. As and when each advertisement is viewed on the legitimate mobile publisher’s site, the infected app reports to the ad network connected to the DrainerBot campaign.
“The infected app reports back to the ad network that each video advertisement has appeared on a legitimate mobile publisher site, but the sites are spoofed, not real,” researchers describe in a blog.
Oracle researchers noted that the infected apps playing invisible ad videos can consume more than 10 GB/month of data and can quickly drain a charged battery, even if the infected apps are not in use or in sleep mode.
Signs that you might have been impacted by DrainerBot ad fraud
The following potential signs indicate that you’re impacted by the DrainerBot ad fraud operation,
“The discovery of the DrainerBot operation highlights the benefit of taking a multi-pronged approach to identifying digital ad fraud by combining multiple cloud technologies. Bottom line is both individuals and organizations need to pay close attention to what applications are running on their devices and who wrote them,” Kyle York, VP of product strategy at Oracle Cloud Infrastructure said.