New Ad Fraud Campaign Exploits 331 Apps, Reaching Over 60 Million
A recent cybersecurity report has unveiled a large-scale ad fraud campaign dubbed "Vapor," which exploited over 331 applications on the Google Play Store, accumulating more than 60 million downloads. These applications, masquerading as legitimate utilities, fitness, and lifestyle apps, inundated users with intrusive full-screen advertisements and attempted phishing attacks to harvest sensitive information such as credentials and credit card details. The campaign, active since early 2024, ingeniously bypassed Android's security measures, including Google Play Protect, by employing tactics like hiding app icons and introducing malicious functionalities through subsequent updates. Google has since removed these malicious apps from the Play Store, but users are advised to remain vigilant, scrutinize app reviews, and consider using additional security measures to safeguard their devices.