Fraudsters hide auto-playing videos in Android apps to illegally generate revenue

Malicious advertising network providers not developers blamed for battery-draining effects on Android devices

android figure

Advertising networks in Android apps are being hijacked by fraudsters who hide auto-playing videos behind ad banners to generate large swarms of revenue, developers have said. 

It's well-known that webpages and apps can potentially be used to steal processor cycles to mine for cryptocurrencies, which drains battery power and mobile data, but according to a BuzzFeed report there's a similar scam for Android adverts,

This version uses power-hungry video adverts hidden behind traditional banner ads within Android apps. In the report, it suggests that app developers are not to blame despite an influx of complaints about their apps drain users' smartphone batteries and collect their data.

The scheme works with video ads that are hidden behind banner ads on apps that play automatically. No one can see them but they register as having been served and viewed. The legitimate ad developer will be paid for his content, but the fraudsters will generate much more because they'll stuff in as many of these rogue videos as possible.

Ultimately, it's the brands whose ads were shown in hidden video players that lose money to those running the scheme. An investigation pointed a finger at a company called OutStream, which is a subsidiary of a firm called Aniview, an Israeli company that runs video ad technology.

In correspondence with BuzzFeed, the company denied any involvement and instead said the platform, banner ads and code, which were created by one of its subsidiaries, were exploited by a malicious, unnamed third party.

"BuzzFeed brought to our attention that there is an abuse activity, as an immediate action, we stopped this activity and started and continue an internal incident review," said Aniview CEO Alon Carmel in an emailed statement.

"We notified and emphasised our clients that the use of our platform must be according to our policy and the IAB and TAG guidelines."

This type of fraud already has a name within the ad industry - in-banner video ads - and has apparently seen tens of millions of dollars worth of fraudulent video ads running a month.

Featured Resources

Four cyber security essentials that your board of directors wants to know

The insights to help you deliver what they need

Download now

Data: A resource much too valuable to leave unprotected

Protect your data to protect your company

Download now

Improving cyber security for remote working

13 recommendations for security from any location

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

Most Popular

46 million Animal Jam accounts leaked after comms software breach
Security

46 million Animal Jam accounts leaked after comms software breach

13 Nov 2020
macOS Big Sur is bricking some older MacBooks
operating systems

macOS Big Sur is bricking some older MacBooks

16 Nov 2020
Huawei Mate 40 Pro 5G review: A tragically brilliant Mate
Mobile Phones

Huawei Mate 40 Pro 5G review: A tragically brilliant Mate

26 Nov 2020