Di tanto in tanto le varie società che si occupano di sicurezza scovano delle pericolose campagne malware che interessano il mondo Android e l’ultimo esempio è arrivato nelle scorse ore: sono state ben 224, infatti, le applicazioni rimosse dal Google Play Store a causa di un’enorme frode pubblicitaria.

Stando a quanto è stato rivelato da HUMAN Security, un suo gruppo di ricercatori ha scoperto un’operazione di frode pubblicitaria e sui clic denominata SlopAds e capace di fare registrare nel complesso oltre 38 milioni di download.

Segui Google Italia su Telegram, ricevi news e offerte per primo

Offerta

Motorola edge 60, 8/256 GB

50+50+10MP, 6.67'' pOLED 120Hz, Batteria 5200mAh, ricarica 68W, Android 15

237€ invece di 379€
-37%
Amazon

Cosa sappiamo di SlopAds

Le applicazioni coinvolte in questa campagna, tutte rimosse dal Google Play Store, distribuivano il software fraudolento utilizzando il sistema della steganografia e creavano WebView nascoste per navigare verso siti di proprietà degli autori della minaccia, generando impressioni pubblicitarie e clic fraudolenti.

A dire dei ricercatori, l’infrastruttura degli autori della minaccia e molte delle app condividevano un tema di intelligenza artificiale e, nel momento del suo apice, questa campagna è riuscita a generare 2,3 miliardi di richieste di offerta al giorno.

Il traffico proveniente dalle app associate a SlopAds proveniva da tutto il mondo ma era più intenso negli Stati Uniti (30%), in India (10%) e in Brasile (7%).

Oltre 200 applicazioni interessate

Questo è l’elenco completo delle applicazioni coinvolte dalla campagna SlopAds (il nome del pacchetto):

  • com.example.phonefinder
  • com.device.locator.map.your.way
  • com.fantasywallpaper.wallpaperlivebackground
  • com.build.epic.plane.free.launcher.game.qwper
  • com.build.queen.launhcer.puzzle.game.oqjnf9w
  • com.cookie.dalgona.launcher.break.puzzle.wtrev
  • com.doll.master.launcher.free.manage.desk.fgsae
  • com.fingerheart.webgl.game.free.sdjws
  • com.fruit.merge.launcher.game.free.cmaer
  • com.onet.save.princess.free.puzzle.launcher.portn
  • com.phone.puzzle.launcher.diy.game.awed
  • com.rabbit.rush.cash.money.reward.game
  • com.super.hero.shoot.puzzle.free.game.ponmr
  • com.tanghulu.talent.free.sim.game.qwepo
  • com.brain.drama.puzzle.game.free.qower
  • com.bus.jam.screw.free.puzzle.launcher.lvose
  • com.ice.cream.race.free.launcher.game.ta2j
  • com.merge.zombie.war.launcher.free.m3gat
  • com.munny.boney.cash.money.reward.fast.real.game.test
  • com.punch.prankster.game.puzzle.fwaes.free
  • com.puzzle.tile.match.beauty.puzzle.eliminate.free.game
  • com.sprint.run.free.game.launcher.op1rm
  • com.pixel.mysticspring
  • com.photo.baby.unicorn.stickers
  • com.Cyborg.CyborgCamera.FaceCamera.CyborgPhotoEditor
  • com.berslex.tiktokofflinevideoplayer
  • com.wifikeyview.wifikeyrecovery.wifi.passwordview.wifispeedtest.wifianalyzer.password.show
  • com.onlineplayer.onlinemedia
  • com.quickcash.gurujiapps
  • com.palm.scanner.hand.reading.palm.jesus.viloria
  • soft.apps.supper.torch.flashlight
  • com.emojievolution.emojimixstickerhdia
  • com.shoot.emoticon.arrow.puzzle.game.fsaw
  • com.game.telepath.master.free.puzzle.gsawx
  • com.game.snake.climber.car.fsawe.puzzle
  • com.game.dalgona.cookie.party.free.puzzle.fisaw
  • com.game.squid.sniper.puzzle.zwaex
  • com.spooky.dool.master.puzzle.game.free.gneqx
  • com.cat.pet.prank.game.free.puzzle
  • com.resize.sponky.runner.game.puzzle
  • com.emoticon.maker.free.launcher.puzzle.game.gsaew
  • com.fingerheart.launcher.game.free.sdjws
  • com.punch.prankster.puzzle.fwaes.free.launcher.fgsaw
  • com.game.size.changer.race.puzzle.fsawx
  • com.find.my.phone.launcher.clap.track.device.location
  • com.videostreamplayer.vidstream
  • download.videobrowser.videobrowser
  • com.jkappsinc.hiddencameradetector.spycameradetector
  • com.clwlpaprrewq.coolwallpaper
  • com.dbffreebie.webview
  • com.hisgeo.bacmarocijtima3iyatola
  • com.AI.Generated.kylian.Wallpapers
  • com.magicianslab.gifmaker
  • com.as_ma3il.Calculate_your_need
  • com.fakecallapp
  • com.emoji.background.camera.photoeditor
  • com.diy.tanghulu.asmr.game.puzzle.ewqgr
  • com.spooky.hide.n.seek.game.puzzle.free.sfzsw
  • com.spooky.craft.survivor.game.free.gwnh
  • com.game.horror.beat.playground.puzzle.safwe.free
  • com.resize.racer.gnwas.game.free.puzzle
  • com.overtaking.challenge.free.puzzle.game.gawxr
  • com.mr.hook.shoot.puzzle.hero.game.scmgn
  • com.ngeue.mysticspring
  • com.cosmic.launcher.live.wallpaper
  • com.reelx.shgwk
  • com.apapps.funny.girls.voiceeffects.voice.changer.free
  • com.air.horn.haircut.prank.sound.clipper
  • com.palmistry.ai.dress.launcher.android.aging
  • com.apapps.bluetooth.autoconnect.pair
  • com.ai.photo.tool.remini.baby.generator.gradient
  • com.fluid.fx.live.wallpaper.magic.screen.simulation.credit
  • com.all.video.downloadmanager
  • com.emoji.maker.pro.launcher
  • com.rodalsoft.wallpaper
  • gesturelockscreen.patternlockscreen.lock.screen.signaturelockscreen
  • com.tcminplay.superx
  • com.tcminplay.goalonandroid
  • com.smart.qrcode.barcode.object.pdf.scanner
  • com.findmyphone.bywhistle.easilyfindphone.whistlephonefinder
  • com.manissekincau.manisapp
  • khawar_softs.blood_pressure_tracker.blood_pressure_checker.blood_pressure_diary.bp_checker_diary
  • com.wifikeyrecovery.wifiautoconnect.wifipasswordshow.wifiautomaticunlock.internetspeedtest
  • com.magnify.lab
  • com.aura.launcherhsdprosdio
  • com.nomanunseen.unseenmasterbd
  • com.wSeeMePhotoEditor_8421281
  • com.flashlight.plushhdfahdhisadh
  • com.zoxtechapps.flashplayerforandroid
  • com.rodalsoft.quranpro
  • com.phone.cleanermaster
  • com.nova.edit
  • com.magnifier.superusagdasu
  • apps.braceapps.highwayguide
  • com.wellness.paljourneyhduaduas
  • com.healthykeeper.keeperhealthyuoipop
  • com.photoeditor.background.blur
  • com.backyard.hole.digger.sim.gnwsz.game.free.puzzle
  • com.emoticon.archer.blast.aewxz.free.game.puzzle
  • com.horror.beat.box.music.game.free.puzzle
  • com.agent.hamster.puzzle.game.free.gwezw
  • com.drop.merge.brainrot.puzzle.free.launcher.tewon
  • com.hole.collector.launcher.free.game.poute
  • com.monster.beat.free.music.game.puzzle.flkgh
  • com.mr.hero.shoot.puzzle.free.game.ponmr
  • com.ninja.hunter.fnsia.game.launcher.puzzle
  • com.roll.icecream.race.gajlr.launcher.free.game
  • com.shape.shift.run.launcher.free.game.xjrtg
  • com.game.size.shifting.runner.puzzle
  • com.game.snake.car.climb.puzzle
  • com.game.emotion.maker.pro.free.puzzle.gsawe
  • cooking.cat.mama.restaurant.food.simulator.games.free
  • com.clap.phone.finder.launcher.clap.track.your.device.locator.gps
  • com.hassan.hirech.app
  • com.smcallphone_nowda.tv
  • com.gswave.paperwall.design.studio
  • com.smart.alarmclock.sleeptrack.free
  • com.birthdayphotoframemaker.birthday.photo.frame.birthdayphotoframeeditor
  • com.livemap.onlinecams.gps.navigation.streetview
  • com.muslimnet.radio
  • com.fortunate.allvideoplayer.hdplayer.mediaplayer.freeplayer
  • com.mobeasyapp.app472034232267
  • com.video.fiesta.wathc.enjoy.trending.movies.streaming
  • com.capy.bucks.cash.reward.earn.money.fast.real.game
  • com.doge.save.puzzle.draw.free.game.zimet
  • com.dop.brain.puzzle.launcher.free.limng
  • com.draw.pee.puzzle.launcher.free.poiuy
  • com.happy.draw.save.puzzle.launcher.stwen
  • com.munny.boney.cash.money.reward.fast.real.game
  • com.rush.earn.cash.money.reward.game
  • com.block.buster.puzzle.line.blast.buster.game.free
  • app.ai.wallpaper
  • com.lacasadepapel.Game
  • com.gurujiapps.earnguruji
  • com.battery.emoji.style.home.screen.emoji.maker
  • com.weather.genius.storm.track.forecast
  • com.hassan.hirech
  • khawarsofts.infinix_hot20.infinixhot20_themes.infinixhot20_wallpaper.infinixhot20_launcher.infinixhot20_icon
  • com.screen.mirroring.cast.to.tv.max.hd
  • com.popji.emoji.editor.maker
  • com.idlemerge.candy.clash
  • com.idle.risk.army
  • com.live.weather.launcher.forecast.radar.android
  • com.wIPtvandEcholinkFlash_9876226
  • com.sub.ride.sub_ride
  • com.anime.shimeji.desktop.pet.on.screen
  • com.pixtune.ai.photo.editor.video.aiplay
  • com.istanakuota.w38s
  • ng.com.mony.giveaway
  • com.dog.cat.translator.prank.sound.pet.speak
  • com.super.light.torch.plus.max.sos.color.changer.for.iphone
  • com.cine.flow.player.hd.hotfilms.video
  • com.mziki.mzikimedia
  • com.abdelhadii.iphone.ios15.wallpaper.photo.lockscreen
  • com.ardrawer.paintsketchasihdo
  • com.nova.meetyouraiashudias
  • com.jameix.sounds.prank.best
  • com.vintage_camera.polaroidcamera.photo_effects.photo_grid
  • com.slideshowmakerwithmusicfree.photovideomaker
  • com.emoticon.diy.znfav.launcher.free
  • com.screws.story.match.choose.love.free.game
  • screw.master.pin.jam.puzzle.nuts.bolt.casual.game.free
  • com.hotpotgames.happysave.global
  • com.stick.fight.dance.tuber.sdawe.puzzle.free
  • com.capy.cash.earn.money.fast.real.rewards.game
  • com.pdf.reader.viewer.word.sheet.ppt.reader.free
  • merge.adventure.potion.girls.story.romance.sexy.game.free
  • com.nicework.ninjameowautochess
  • screw.it.bus.jam.puzzle.pin.nuts.bolt.casual.game.free
  • com.lamvpn.vpnlam
  • com.photoeditor.picswizshw
  • com.twinfile.delete
  • com.ggboyisanaItool.superlollipop
  • com.cine.hunt.hd.immersive.high.movie.vieo.trending
  • com.dop.fairy.puzzle.free.game.launcher.tungs
  • com.scary.beat.game.puzzle.playground
  • com.photo.emoji.studio.diy.merge
  • com.artly.ai.photo.comic.photo.editor.hug.pixar.gippley
  • com.outlook.weather.ai.forecast.storm.track.alerts
  • com.smart.weather.forecast.radar
  • com.kidslearn.abckids.kidsalphabets.colorskids210
  • com.cnaature.app
  • co.wl.aaghaz
  • com.pdf.reader.document.viewerpdf
  • com.mirroring.castv.chromecast.smarttv
  • com.intelli.browserhdoaiwai
  • com.pdf.reader.image.fast.free
  • com.pet.ai.homii.assistant
  • voice.translator.camera.text
  • com.aigirls.aigirlfriends.virtualai
  • com.squid.marksman.launcher.free.puzzle.sfawe
  • sprint.run.level.again.sprunki.puzzle.troll.challenge.game.free
  • com.arabola.bacolom
  • com.acne
  • com.magnifier.zoom.version.look.earth
  • com.bns.code
  • com.spooky.survival.free.puzzle.launcher.sanwe
  • homeworkout.fitness.sixpacks.exercise
  • com.hole.collect.master.launcher.free.game.apoil
  • com.ice.cream.race.free.launcher.game.ta2j3
  • com.dalgona.candy.party.cnvbj.free.game
  • com.vido.vidoview
  • com.sketappo.compass.simplcompass
  • com.oxamsoul.worldenfender
  • com.fastvideos.downloaderforfbandinsta
  • com.Sketappo.all.data.recovery.allfilesrecovers
  • com.lionsnowe.BraveFlashlight
  • com.anime.girls.live.wallpaper.phone.ai.free.game
  • com.spooky.survival.challenge.free.game
  • com.jameixapps.storyeditor.storymaker
  • com.photoeditor.beauticfnsahojf
  • com.ragdoll.chaos.fight.free.launcher.game.ponme
  • com.car.park.match.free.puzzle.jam.launcher.oilmv
  • com.oops.croco.warcraft.wall.wow.clash.battle
  • com.flix.zone.stream.chill.tv.video.watch.films.online
  • com.frame.hub.vieo.enjoy.family.cinema.stream
  • com.prank.silly.sound.machine.voice.air.horn
  • com.pure.wallpapaer.live.hd.anime.launcher
  • com.wonder.art.ai.photo.editor.warm.hug
  • com.golden.tiger.win.earn.cash.money.game
  • com.pdf.reader.viewer.word.sheet.ppt.reader.document
  • com.ruby.cat.cash.earn.money.fast.real.game
  • com.rush.cash.earn.fast.real.money.game
  • screw.it.bus.jam.puzzle.pin.nuts.bolt.casual.game

Tra i principali problemi che campagne come SlopAds possono creare vi sono rischi per la sicurezza dei dati (le app, infatti, raccolgono informazioni sul device, sul suo utente e sulle attività online), un peggioramento delle prestazioni (le WebView nascoste creano annunci pubblicitari con conseguente consumo della batteria e delle altre risorse del sistema) e la possibilità che venga scaricato software che possa causare la violazione di dati.

Per ulteriori informazioni sulla campagna SlopAds vi rimandiamo all’articolo pubblicato da HUMAN Security.