A mobile ad fraud operation dubbed IconAds that consisted of 352 Android apps has been disrupted, according to a new report from HUMAN.
The identified apps were designed to load out-of-context ads on a user’s screen and hide their icons from the device home screen launcher, making it harder for victims to remove them, per the company’s Satori Threat Intelligence and Research Team. The apps have since been removed from the Play Store by Google.
The ad fraud scheme accounted for 1.2 billion bid requests a day, at the height of its activity. The vast majority of IconAds-associated traffic originated from Brazil, Mexico, and the United States.
It’s worth noting that IconAds is a variant of a threat that’s also tracked by other cybersecurity vendors under the names HiddenAds and Vapor, with the malicious apps repeatedly slipping past the Google Play Store since at least 2019.