The automated advertising market, with its 418 billion dollars in annual turnover, whets appetites. A network of malicious actors who exploited the system in a gigantic scam has just been dismantled. Nearly 11 million smartphones unwittingly took part in the scheme.

A very well-designed scam

Researchers from Human Security, a cybersecurity company specializing in bot-driven attacks, uncovered the scheme in the summer of 2022. Called Vastflux, the operation impersonated 1,700 applications and targeted 120 publishers. Even more impressive, it drove up to 12 billion ad requests per day. The scammers' revenues have not been revealed, but they could be colossal.

These numbers clearly surprised Human Security's analysts, among them data specialist Marion Habiby: “When I received the first results regarding the volume of the attack, I had to reread the figures several times. It’s clear they were well organized and went to great lengths to avoid detection,” she explains to Wired.

So how exactly did it work? Concretely, the malicious actors offered advertising space on very popular consumer applications. Once the ad was deployed, they inserted malicious JavaScript code into it.

That is when the scheme kicked in. When a smartphone played a video ad, 25 other ads were stacked behind it in the background. The user saw only one, but the scammers were paid for all the others. The only consequence for the user was a battery that drained much faster than normal.

The result was a multitude of mini-attacks that did not really worry the people affected, since each one ended very quickly. Many of the affected devices were reportedly iPhones, although some Android smartphones were also hit.
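The stacking described above (one visible video ad with 25 others playing behind it) appears in playback telemetry as many video ads running at once on a single device. The following added example, which is not from Human Security or the original article, flags that pattern with a sweep over playback intervals; the event format, device names and the one-ad-at-a-time threshold are assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed playback telemetry: (device_id, ad_id, start_s, end_s).
# dev-A plays two video ads back to back; dev-B plays one visible ad plus
# 25 more stacked behind it, matching the ratio the article describes.
SAMPLE_EVENTS = [
    ("dev-A", "ad-1", 0.0, 30.0),
    ("dev-A", "ad-2", 30.0, 60.0),
] + [("dev-B", f"ad-{i}", i * 0.1, 30.0) for i in range(26)]


def max_concurrent(intervals):
    """Return the peak number of playback intervals that overlap in time."""
    points = []
    for start, end in intervals:
        points.append((start, 1))   # playback begins
        points.append((end, -1))    # playback ends
    # Tuples sort ends (-1) before starts (+1) at equal timestamps,
    # so back-to-back ads are not counted as overlapping.
    points.sort()
    peak = current = 0
    for _, delta in points:
        current += delta
        peak = max(peak, current)
    return peak


def flag_stacking(events, max_allowed=1):
    """Map device_id -> peak concurrency for devices above max_allowed."""
    per_device = defaultdict(list)
    for device_id, _ad_id, start, end in events:
        per_device[device_id].append((start, end))
    flagged = {}
    for device_id, intervals in per_device.items():
        peak = max_concurrent(intervals)
        if peak > max_allowed:
            flagged[device_id] = peak
    return flagged


if __name__ == "__main__":
    for device, peak in flag_stacking(SAMPLE_EVENTS).items():
        print(f"{device}: {peak} video ads playing at once")
```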

Vastflux has ceased its activities

The members of the Vastflux network were nevertheless eventually caught out. Their identities have not been revealed, but they ended up taking their servers down last December. What should be done so that this type of scam does not happen again in the future?

Quoted by Wired, Tamer Hassan, CEO of Human Security, believes that money is the crux of the matter and that everything must be done to reduce the revenue earned by these malicious actors: “It is by winning the economic game that we will win, as an industry, against cybercriminals”.

California18
