Information security researchers have uncovered a huge network of deceptive apps that display fake ads, especially on Apple iPhones.
The process is called Vastflux because it uses the Video Ad Display Model (VAST) specification, as well as Flux technology to change blocks of Internet Protocol (IP) addresses and Domain Name System (DNS) records to hide malicious code inside fake apps.
Operation Vastflux was discovered by HUMAN’s cybersecurity team while investigating another ad fraud network, and found that it affected more than 11 million devices, most of them running iOS from Apple, and generated more than 12 billion bid requests per day. . Noting that the request for quotation is a piece of code used to sell visual ads. They allow visitors to view ads that are most relevant to them, and allow multiple advertisers to use the same ad on a specific publisher’s platform.
Researchers discovered the campaign when they found an app that was using multiple app identifiers to generate an abnormal amount of bid requests. After reverse-engineering the obfuscated JavaScript code, they found the main server that the app was communicating with, which had received commands from the app to create ads.
From there, the researchers discovered the entire network, which included nearly 2,000 deceptive apps. They explained that the malicious ads in these malicious apps stack a whole bunch of video players on top of each other, and the network is paid for all the ads even though they are invisible to the person using the device.
Related topics to what you are reading now:
With the help of the impersonated customers and brands, HUMAN launched a series of targeted attacks on Vastflux between June and July 2022, and then the command and control servers of the network stopped following a period of time to stop their operations, until the quotes arrived. All to zero last December.
The campaign may appear harmless and not have a significant security impact on infected devices, but it has caused performance issues, battery drain, and overheating in some cases.
Given that it is not possible to monitor hardware usage such as CPU and RAM on iPhones, there are third-party apps that can. The display of the percentage of power in the battery can also be enabled from the device settings, which may indicate the presence of suspicious applications if the percentage is abnormally low.