TheIAS Threat Labpublished a new report that reveals an extensive and sophisticated advertising fraud scheme, called "Vapor Threat", that uses fake Android apps to implement endless intrusive full-screen video ads.
This fraudulent operation, called Vapor, it has this name due to its ability to "vaporize" any real functionality of the apps, leaving behind only intrusive ads.
In total, the Threat Lab identified more than 180 app IDs as part of the Vapor Threat schemethataccumulated over 56 million downloadsandgenerated over 200 million advertising bids daily since 2024without any real functionality being delivered to users
The IAS Threat Lab shared the findings with Google, which subsequently removed from Google Play all the applications identified in the report. However, the fraudsters behind the operation created several developer accounts, each hosting only a set of applications to distribute its operation and avoid detection. This distributed configuration ensures that the deletion of a single account has minimal impact on the overall operation
To obtain more information on how the apps were designed to imitate legitimate apps, the impact of fraud on consumers and brands, the scale and the schedule of the operation, серед інших даних, the report can be downloaded in full (in English) throughfrom this link
For the purpose of contextualization, the IAS Threat Lab is a dedicated team of specialists focused on identifying and dismantling sophisticated fraud operations using malware analysis and reverse engineering to uncover emerging threats before they arise
