Fraudsters hide auto-playing videos in Android apps to illegally generate revenue

Malicious advertising network providers not developers blamed for battery-draining effects on Android devices

android figure

Advertising networks in Android apps are being hijacked by fraudsters who hide auto-playing videos behind ad banners to generate large swarms of revenue, developers have said. 

It's well-known that webpages and apps can potentially be used to steal processor cycles to mine for cryptocurrencies, which drains battery power and mobile data, but according to a BuzzFeed report there's a similar scam for Android adverts,

This version uses power-hungry video adverts hidden behind traditional banner ads within Android apps. In the report, it suggests that app developers are not to blame despite an influx of complaints about their apps drain users' smartphone batteries and collect their data.

The scheme works with video ads that are hidden behind banner ads on apps that play automatically. No one can see them but they register as having been served and viewed. The legitimate ad developer will be paid for his content, but the fraudsters will generate much more because they'll stuff in as many of these rogue videos as possible.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

Ultimately, it's the brands whose ads were shown in hidden video players that lose money to those running the scheme. An investigation pointed a finger at a company called OutStream, which is a subsidiary of a firm called Aniview, an Israeli company that runs video ad technology.

In correspondence with BuzzFeed, the company denied any involvement and instead said the platform, banner ads and code, which were created by one of its subsidiaries, were exploited by a malicious, unnamed third party.

"BuzzFeed brought to our attention that there is an abuse activity, as an immediate action, we stopped this activity and started and continue an internal incident review," said Aniview CEO Alon Carmel in an emailed statement.

"We notified and emphasised our clients that the use of our platform must be according to our policy and the IAB and TAG guidelines."

This type of fraud already has a name within the ad industry - in-banner video ads - and has apparently seen tens of millions of dollars worth of fraudulent video ads running a month.

Featured Resources

Report: The State of Software Security

This annual report explores important trends in software security

Download now

A fast guide to finding your cloud solution

One size doesn't fit all in the cloud, so how do you find the best option for your business?

Download now

Digitally perfecting the supply chain

How new technologies are being leveraged to transform the manufacturing supply chain

Download now

Small & Medium Business Trends Report

Insights from 2,000+ business owners and leaders worldwide

Download now
Advertisement

Most Popular

Visit/mobile/28299/how-to-use-chromecast-without-wi-fi
Mobile

How to use Chromecast without Wi-Fi

5 Feb 2020
Visit/security/34616/the-top-ten-password-cracking-techniques-used-by-hackers
Security

The top ten password-cracking techniques used by hackers

10 Feb 2020
Visit/operating-systems/microsoft-windows/354739/windows-7-bug-blocks-users-from-shutting-down-their-pcs
Microsoft Windows

Windows 7 bug blocks users from shutting down their PCs

10 Feb 2020
Visit/hardware/354723/coronavirus-starts-to-take-its-toll-on-the-tech-industry
Hardware

Coronavirus starts to take its toll on the tech industry

6 Feb 2020