Malware APKs Attack on Mobile Advertising

Mobile advertising is evolving at an unprecedented rate thanks to developments in machine learning technology, big data, AI, advanced targeting, programmatic capabilities and many more contributing aspects. That means a lot more opportunity for advertisers to invest marketing dollars with a transparent view of ROI. However, alongside great advancements in advertising technology there has been a parallel trend in mobile ad fraud advancements. Unfortunately, there is no one major type of fraud that dominates the market. It is a fragmented collection of smart technologies, tricky tactics, hidden scripts, and insurmountable headaches for the entire mobile advertising eco-system worldwide.

One of the leading components of mobile ad fraud is caused by malware APKs. These are malicious application files that are hidden inside of apps and are downloaded and installed on users phones without their knowledge or intention. The reason? You guessed it, to make money! These scripts hide inside of apps and can use java script or code to locate/retrieve and click on advertisements generating millions of false impressions or conversions.

“We were seeing a increasing amount of traffic from fraudulent apps and with the identification of specific behaviors, have been able to defer this traffic before it reaches advertisers campaigns” says Ander Reparaz CTO of Kimia Group.

There are two major factors that allow our approach to prevent the malware traffic to reaching campaigns. The first of these is the white and black lists that have been compiled from millions of campaigns and with collaboration of thousands of advertisers worldwide. The second factor is in-house developed machine learning technology that has allowed our platform to detect specific behavior patterns and characteristics of apps and identify and verify similar patterns in real-time.

Patterns and characteristics range greatly but there are determining indicators ranging from time of click to subscription, or traffic origin abnormalities or script naming that can be trigger factors for our platform to detect and defer fraudulent sources. Machine learning technology is applied to analyze every click coming from an app to protect from fraudulent apps. In a typical day of 1 billion clicks, approximately 60 million clicks are deferred. These are clicks that could have led to device hijacking, fake users and auto-subscriptions if they had not been stopped in their journey to client’s campaigns.

“Thanks to the proactive approach of our detection system, Advertiser’s avoid paying for fraudulent traffic and more importantly protect themselves from carrier regulations and compliance sanctions” Reparaz says.

Unfortunately, there isn’t a single solution to completely combat ad fraud. However, with constant monitoring and technology application, we can keep one step ahead of the bad guys and maintain a profitable eco-system despite their efforts. Nevertheless, fraudsters will continue to devise new ways to dirty our waters and our efforts will need to be equally persistent to protect against them.

Karen Ciulla Karen Ciulla
Global Business Developer & PR