Harmful apps are mobile applications designed to generate fraudulent revenues for their developers. They accomplish this by simulating user views and clicks on ads using iframes as well as background Android services, and often lock the user’s screen completely to display ads.
In addition to this click spamming, harmful applications perpetrate cookie stuffing in order to attribute organic installs to the criminal publishers. Large amounts of ad clicks, fake subscriptions and installs are generated in order to earn money from this fraudulent online traffic.
Harmful apps can be found both in and out of the Play Store and are presented as ordinary, harmless applications such as video downloaders, games, audio players and other tools in order to trick the user into downloading them, only to start their malicious activity a few hours after being launched. Sometimes the apps mask their package names as legitimate apps in order to avoid detection.
If you are a mobile user these types of apps steal your mobile data and deplete your battery while performing their nefarious actions. If you are a mobile advertiser these apps display your ads in the background or in a miniature window, which means they are not truly visible to the user, but you still get charged for the impressions.
At Opticks we analyse more than 1 billion clicks a day and we’ve detected that an astounding 83% of those visits come from malicious apps. Some of those apps have been downloaded from the Play Store hundreds of millions of times. Most of the harmful apps we see, however, have been downloaded from outside the Play Store.
These are the top 25 fraudulent apps we are blocking in August. You can click on the columns to see the reason the app is detected as harmful, as well as a link to Play Store apps.
Notice the number 1 app: empty! These are harmful applications that attempt to hide their name during web visits and pass their traffic as browser-based clicks. It is practically impossible to detect the #1 most common harmful application using server to server techniques that rely on evaluating an empty header.
#25 is also one of our favourites: com.android.fmradio. Do you think that Google’s Android radio app is ad supported? No, we don’t think so either.
Please note that the package name of some of these listed apps might not even be the real one. A common and nefarious practice amongst fraudsters is to mask their package and hide behind legitimate company names to avoid being caught.
Opticks successfully detects and blocks harmful applications to protect your inventory and digital budget. Try Opticks for 14 days FREE to stop losing your budget to fraudsters, click here to sign up.