Interested in learning what's next for the gaming industry? Join gaming executives to discuss emerging parts of the industry this October at GamesBeat Summit Next. Register today.

Anti-ad fraud firm Forensiq is out with a new report today that adds yet another kind of massive ad fraud to the growing pile of options — thousands of apps that secretly and quickly load hidden ads.

First, the bad news:

These apps, of which there are at least 5000 across platforms, rapidly load and invisibly display ads on a smartphone or tablet even if the app hasn’t been launched. Some even mimic user clicks.

The study, “Mobile Device Hijacking,” says the apps are available through Google Play, Apple’s App Store, and third-party app marketplaces. It should be noted that Forensiq offers anti-ad fraud software and services.


MetaBeat 2022

MetaBeat will bring together thought leaders to give guidance on how metaverse technology will transform the way all industries communicate and do business on October 4 in San Francisco, CA.

Register Here

Mobile advertisers are losing 13 percent of their ad spend to this new threat, according to the report, reaching an estimated billion dollars by the end of this year. This threat affects over 12 million smartphones and tablets — Android, iOS, and Windows Mobile — and 13 percent of worldwide in-app pre-bid advertising inventory, before they are deployed to devices. This represents more than 16 billion daily mobile in-app ad impressions.

VB’s new Brands & Mobile Advertising: How to win report is available for $499 on VB Insight, or free with your martech subscription

Sorry, but there is no good news.

There’s more:

  • The apps have been clocked showing hidden ads as frequently as 20 per minute, even when minimized. Legitimate apps, by contrast, might show a new ad every 30 to 120 seconds. These fraudulent apps make an average of 1100 connections per minute, communicating with as many as 320 ad networks, ad servers, exchanges, and data providers in an hour.
  • Through this mobile device hijacking, a mobile device could waste as much as 2 GB of data every day, draining the battery and running up data charges.
  • Forensiq found that 27.2 percent of its test sample of Android apps conducted this kind of ad fraud. For the sample of iOS apps, it was 9.99 percent, and for Windows Mobile, 8.92 percent.
  • These apps can begin to call invisible ads at device startup, without the app being opened. The apps run in the background, serving ads that can’t be seen.
  • The advertisers paying for these invisible ads included such biggies as Microsoft, Unilever, Amazon, Coca-Cola, and Mercedes-Benz.
  • Forensiq estimates that one percent of mobile devices in the U.S. and 2 to 3 percent of devices in Europe and Asia are running infected apps.

Aren’t Apple and Google catching this?

This kind of ad fraud represents yet another evolution of the botnet into voluntary actions.

“While most desktop malware is installed unintentionally via deceitful techniques,” the report said, “most mobile apps are installed intentionally,” often through trusted, major app stores. Because of this factor, this kind of ad fraud is not susceptible to normal anti-botware protections, Forensiq said.

CTO Matt Vella told me via email that some of the offending titles include Waxing Eyebrows, Celebrity Baby, Pet Dentist, and Air Fighting 3D, and they often play the games or offer the functions they claim.

“Some of the apps are functional or entertaining,” he said, “and others look interesting enough to try once.”

“That is part of the reason these apps have likely been flying under the radar — they do what you expect, but also what you don’t expect.”

He told me Forensiq had been unaware “mobile device hijacking was used by readily available apps to commit ad fraud,” and was surprised by the extent of the problem.

I asked why Apple and Google didn’t scan for these kinds of behaviors in their stores.

“They do their best to screen for ‘bad’ apps,” he said, adding that Forensiq hopes this study will make them aware of the problem.

What you can do

What can users do to protect themselves?

Vella suggested monitoring bandwidth and battery life on both the mobile and WiFi networks. Also, check out what permissions an app is requesting, since some want to run on startup.

Additionally, he recommended, “uninstall any apps you don’t use.”

“We believe that a lot of the fraudulent traffic is coming from users who installed apps and forgot they are still present on their phone or tablet. Since these apps can run in the background, they could burn through thousands of ads each day.” He noted that Google has estimated 1 in 4 installed apps are never used.

To obtain the data behind this report, Forensiq developed custom capture and analytical tools, and conducted tests for hundreds of hours over two months.

VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Learn more about membership.