More than 100 applications from Google Play with an audience of millions was involved in one of the biggest fraudulent schemes in the history of Android, found by BuzzFeed News. Despite the massive campaign, which allowed cyber criminals to steal several hundred million dollars, it wasn’t forced no Bank account, and all funds were able to obtain solely by displaying advertisements. This fact allows to call the attack is not only one of the most ambitious, but also “bloodless”.
As reported by BuzzFeed News, it all started with the fact that an unknown company started sending out to developers of popular programs for Android offers to buy their products for a sum significantly in excess of their real value. According to the developers whose applications were purchased by the company, the buyer behaved extremely courteous and moreover, they themselves proposed to pay in advance in bitcoin, and transferred more money than I should.
Only, as it turned out, were purchased by 125 applications. Scammers rebook them for a number of companies registered all over the world from British virgin Islands to Russian Federation. Obviously, this was done to cover, so as to minimize the negative effects that may arise in the event of a disclosure scheme and the involvement of the initiators to justice.
The next step, which had taken the crooks, is addition to the application tracking system that tracks user actions. However, the ultimate goal was not the seizure data and selling them to advertisers, and to analyze the behavior of victims and on the basis of the collected information to simulate the views of ads in apps. In other words, cheaters just cheated on advertisers, on a permanent basis offering that false ad views and thus earning hundreds of millions of dollars.
Google representatives, when contacted by BuzzFeed News, said that in the course of the implementation of such schemes and diligent fight with them, regularly removing crimeware from Google Play.
To discuss this and other news Android in our Telegram chat.