In a recent move by the Google Play Store, over 240 apps were removed that were infected with fraudulent advertising components. For months, the army of deceptive apps, which were mostly low-quality games or stolen Nintendo Entertainment System (NES) emulators, were present in the Android Google Play Store with over 14 million downloads. While their behavior was not malicious, they disrupte the user experience by displaying out of context (OOC) ads, which seem to be from legitimate phone apps. Security researchers from White Ops named this family of apps RainbowMix, due to the 8-bit and 16-bit games distributing the invasive ads. Although it’s difficult to translate the interactions generated into profit, if the fraudsters received one penny per view, they would have made over $150,000 on good days. This family of apps was removed from the Play Store after the responsible reporting from White Ops.
Analyst Notes
When a user wishes to download an app onto their phone, they are recommended to check the author of the app to verify its legitimacy. It is also recommended, for security purposes, to not download time waster apps as they might contain not only fraudulent ads or malicious coding, but they can also seriously impact the performance of the phone if too many are downloaded since many apps contain background tasks that run all the time, even when the app isn’t visible. This is also a case of responsible reporting. If a user finds that a downloaded app is malicious or is displaying a large amount of OOC ads, the user should report the app to the store that the app was downloaded from as soon as possible then remove the app from the device.
Source Article: https://www.bleepingcomputer.com/news/security/rainbowmix-apps-generate-150-000-in-daily-ad-fraud-profit/
