Google removed more than fifty apps from the Google Play Store that promised free stuff, but ran an ad fraud scheme instead…
Here’s yet another example of how widespread malware actually is in today’s environment. Google removed 56 Android applications from the Play Store after security firm White Ops discovered they were committing ad fraud. The culprit in this case is the Terracotta botnet, which first became active in late 2019. Terracotta operated by uploading malicious apps to the Google Play Store and promised free perks to people who downloaded them.
Terracotta Botnet Uploaded Fake Apps to the Google Play Store to Commit Ad Fraud
The bogus apps offered free stuff, like shoes, sneakers, boots, and sometimes event tickets, coupons, as well as expensive dental treatments. Anyone who installed the apps were instructed to wait two weeks to receive the free products. But, during that time, the apps deployed a modified version of WebView, a much less robust version of Google Chrome. Meanwhile, in the background, the apps would load advertisements and then capture revenue from fake ad impressions.
One of the programs clandestinely loaded over 2 billion ads inside 65,000 infected mobile devices alone. This caused serious battery drain and ate up huge amounts of mobile bandwidth traffic. However, Google has pulled the apps in question and disabled them from running on users’ devices. Although, it’s uncertain if Google has detected and deleted all applications running the scheme.