Join us on Wall Street StreetInsider Premium. Request your 1-week free trial here.
A modern defense strategy enables the disruption of sophisticated ad fraud operations that are part of an ongoing attack with new customizations designed for targeting codes and spoofing
NEW YORK–(BUSINESS WIRE)–HUMAN Security, Inc. (formerly White Ops), the global leader in advanced protections against businesses from digital attacks, today announced the discovery and disruption of an advanced fraud operation targeting the development of Adware targeting kits (SDKs) in 9 apps on the Apple App Store and 80 Android apps on the Google Play Store, downloaded more than 13 million times combined. The Attack, nickname Scyllais an adaptation of a fraud scheme first observed and disrupted in 2019 by HUMAN’s Satori Threat Intelligence and Research Team. While the attack is ongoing and actively monitored by the Satori team, HUMAN has been working with Apple, Google and others to shut down rogue apps from their respective app stores.
“Our ultimate goal is to protect our customers and the digital ecosystem from cybercriminals like those behind these attacks. We can only do this with modern defense where we can collaborate on disruptions like Scylla across the industry,” said Tamer Hassan, co-founder and CEO of HUMAN. “We will continue to remain vigilant against other similar attacks and leverage the work of collective protection — where an attack on one is a protective event for all — disrupting the cybercrime economy. That’s the only way we can win.”
Scylla is the third wave of an operation HUMAN first uncovered in 2019, in which a collection of over 40 Android apps openly committed multiple types of ad fraud. Nicknamed this scheme Poseidon for elements of the code in the apps, was disrupted by the reverse engineering efforts of the Satori team, resulting in Google removing the apps from its Play Store. A 2020 adaptation of the scheme nicknamed Charybdis after Daughter of Poseidon, integrated additional code obfuscation and SDK targeting techniques.
Today’s announcement of the disruption of Scylla – named after Poseidon’s granddaughter – reflects a new evolution of the threat actors behind the plan. While the Poseidon and Charybdis operations focused exclusively on Android apps, the Satori team found evidence that Scylla was also targeting iOS apps, expanding the attack to other parts of the digital advertising ecosystem.
HUMAN’s Satori team worked closely with the Google Play Store and the Apple App Store to ensure that all apps identified as being related to the Scylla operation were removed from public access. HUMAN also worked closely with affected advertising SDK developers to mitigate the impact of the process on their processes and their advertising partners. Customers of HUMAN’s MediaGuard solution are protected from fraud related to Scylla and its predecessors.
Apps within the Scylla operation have committed fraud through a variety of tactics including:
- App spoofingin which the Scylla apps posed as other apps for the purpose of digital advertising,
- Hidden Adswhere the apps rendered ads in places a user couldn’t actually see them, and
- Fake clicksin which the apps would keep track real clicks on advertising to fake more clicks later.
These tactics, combined with the obfuscation techniques first observed in Operation Charybdis, demonstrate the increasing sophistication of the threat actors behind Scylla. That is a constantly Attack, and users should consult the list of apps in the report and consider removing them from all devices. As this attack has evolved multiple times, the Satori team has withheld certain details about the operation in order to better track and report on further adjustments.
HUMAN verifies the humanity of more than 15 trillion digital interactions per week, providing businesses with an unmatched visibility into fraudulent activity online. HUMAN achieves this scale through its continued expansion in cybersecurity, including its recent merger with PerimeterX, and now offers a range of products to protect the entire digital customer journey. With new partners and companies now able to leverage the Human Defense Platform, an even deeper understanding of the cybercrime landscape is emerging, allowing HUMAN to continuously adapt and stay ahead of adversaries with modern defenses ( using Internet visibility, network effects and disruptions) and protecting customers through collective protection against threat models they have not yet encountered.
The Satori team used numerous tools to identify Scylla and its operators, whose information was shared with law enforcement. To learn more about the Scylla operation, visit the HUMAN blog.
HUMAN is a cybersecurity company protecting 500+ clients from digital attacks including sophisticated bots, fraud and account abuse. We leverage modern defenses—Internet transparency, network effects, and disruptions—to enable our clients to increase ROI and trust while reducing end-user friction, data contamination, and cybersecurity. Today, we verify the humanity of more than 15 trillion interactions per week across advertising, marketing, e-commerce, government, education and corporate security, enabling us to win against cybercriminals. Protect your digital business with HUMAN. Knowing who’s realvisit www.humansecurity.com.
HUMAN press contact:
Director of Communications
Source: HUMAN Security, Inc.