In the summer of 2022, Human Security researchers uncovered a huge automated scam that lasted until December. This network, called Vastflux, bought space within popular applications. By exploiting the existing vulnerabilities, members of the network installed JavaScript malware that activated when a video ad was viewed, generating 25 additional ads in the background.
Obviously, all these advertisements were monetized, and Vastflux could thus trigger up to 12 billion requests each day. This fraudulent process was used to infect 1,700 applications and 120 publishers. In total, more than 11 million smartphones have unwittingly participated in the scam.
« Vastflux was an unwanted attack
that injected malicious JavaScript into ad creatives
digital, allowing fraudsters to pile up many readers
invisible video advertisers one behind the other and record
views said Human Security.
Fortunately, last December, the servers hosting the scam were taken offline, putting an end to this particular problem. On the other hand, other scams, often linked to Poseidon, continue to operate and are regularly detected.