CyberSecurityBoard
Sponsor Register Login

Massive Android Ad Fraud 'IconAds' Leverages Google Play to Attack Phone Users - Cyber Security News

A sophisticated mobile ad fraud operation dubbed “IconAds” has infiltrated Android devices worldwide through 352 malicious applications distributed via Google Play Store, generating up to 1.2 billion fraudulent bid requests daily at its peak. The scheme represents a significant evolution in mobile advertising fraud, employing advanced obfuscation techniques to hide malicious apps from users while displaying intrusive out-of-context advertisements. Unlike traditional adware, IconAds applications deliberately conceal their presence by replacing their visible icons with transparent rectangles and empty labels, making it nearly impossible for users to identify and remove the offending applications from their devices. Some variants take the deception further by mimicking Google’s own applications, using modified versions of the Play Store icon and “Google Home” branding to appear as legitimate system components. Google has since removed all identified IconAds applications from the Play Store, and users with Google Play Protect enabled receive automatic protection against these threats. The IconAds operation employs a sophisticated persistence mechanism centered around Android’s setComponentEnabledSetting method, which allows applications to dynamically modify their visible components. The researchers discovered that IconAds represents a new level of sophistication in mobile ad fraud, combining multiple layers of obfuscation with innovative persistence mechanisms. The discovery highlights the ongoing evolution of mobile ad fraud and the need for continued vigilance in app store security measures. Human Security analysts identified the operation as an expansion of a threat they have been monitoring since 2023, noting significant tactical adaptations that emerged in October 2023. These domains employ seemingly random English words to obfuscate device information during network communications, making detection and analysis significantly more challenging for security researchers. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news.

This Cyber News was published on cybersecuritynews.com. Publication date: Fri, 04 Jul 2025 09:40:20 +0000


Cyber News related to Massive Android Ad Fraud 'IconAds' Leverages Google Play to Attack Phone Users - Cyber Security News

Massive Android Ad Fraud 'IconAds' Leverages Google Play to Attack Phone Users - Cyber Security News - A sophisticated mobile ad fraud operation dubbed “IconAds” has infiltrated Android devices worldwide through 352 malicious applications distributed via Google Play Store, generating up to 1.2 billion fraudulent bid requests daily at its ...
4 days ago Cybersecuritynews.com
Comprehensive Guide to Fraud Detection, Management, & Analysis - To mitigate risks, businesses can use risk management strategies, including fraud detection software, company policies, and staff ranging from risk managers and trust officers to fraud analysts. Affiliate Fraud - Affiliates in a marketing arrangement ...
1 year ago Securityboulevard.com
The Limitations of Google Play Integrity API - This overview outlines the history and use of Google Play Integrity API and highlights some limitations. We also compare and contrast Google Play Integrity API with the comprehensive mobile security offered by Approov. Google provides app attestation ...
1 year ago Securityboulevard.com
Deepfake Digital Identity Fraud Surges Tenfold, Sumsub Report Finds - Threat actors undertaking identity fraud have been using deepfakes ten times more in 2023 than in 2022, according to digital identity verification solutions provider Sumsub. In its third annual Identity Fraud Report, published on November 28, 2023, ...
1 year ago Infosecurity-magazine.com
25 Best Managed Security Service Providers (MSSP) - 2025 - Pros & Cons: ProsConsStrong threat intelligence & expert SOCs.High pricing for SMBs.24/7 monitoring & rapid incident response.Complex UI and steep learning curve.Flexible, scalable, hybrid deployments.Limited visibility into endpoint ...
1 week ago Cybersecuritynews.com
Android 15, Google Play get new anti-malware and anti-fraud features - Today, Google announced new security features coming to Android 15 and Google Play that will help block scams, fraud, and malware apps on users' devices. Announced at Google I/O 2024, the new features are designed not only to help end users but also ...
1 year ago Bleepingcomputer.com
Google promises a rescue patch for Android 14's "ransomware" bug - So Android 14 has this pretty horrible storage bug for upgrading users. Bugs are always going to happen, but the big problem with this is that Google has seemingly been ignoring it, and on Friday we wrote about how users have been piling up hundreds ...
1 year ago Arstechnica.com
Google Online Security Blog: I/O 2024: What's new in Android security and privacy - As their tactics evolve in sophistication and scale, we continually adapt and enhance our advanced security features and AI-powered protections to help keep Android users safe. Today, we're announcing more new fraud and scam protection features ...
1 year ago Security.googleblog.com Cloak
5 Fraud Prevention Strategies That Help Companies Ward Off Cyber Attacks - According to PwC's 2022 survey, over half of companies experienced fraud in the past two years, the highest in 20 years of research. From cyber-attacks to wire fraud to dishonest employees, there's no shortage of threats that aim to profit off your ...
1 year ago Hackread.com
BadBox malware disrupted on 500K infected Android devices - The BadBox Android malware botnet has been disrupted again by removing 24 malicious apps from Google Play and sinkholing communications for half a million infected devices. HUMAN says it also discovered 24 Android apps in the official app store, ...
4 months ago Bleepingcomputer.com
The Rise of Cyber Insurance - What CISOs Need to Consider - Cyber insurance offers not just financial protection against potentially devastating cyber incidents but also provides frameworks for improving security posture, access to specialized resources, and support during crisis scenarios. Beyond financial ...
2 months ago Cybersecuritynews.com
Hackers Mimic Google Chrome Install Page on Google Play to Deploy Android Malware - Security researchers have uncovered a sophisticated malware campaign targeting Android users through fake Google Chrome installation pages. The visual similarity to legitimate Google Play pages creates a convincing illusion that tricks unsuspecting ...
2 months ago Cybersecuritynews.com OilRig APT3
Identity Fraud Rises as E-Commerce, Payment Firms Targeted - An analysis of global customer data has highlighted a 20% increase in overall fraud incidents compared to last year, largely attributed to the surge in impersonation fraud and the accessibility of sophisticated attack methods and tools. The gaming, ...
1 year ago Securityboulevard.com
How Banks Can Adapt to the Rising Threat of Financial Crime - To combat this, banks need to implement advanced AI-driven fraud monitoring and detection tools, enhance identity verification processes, and stay vigilant with continuous monitoring and staff training to recognize anomalies. While most banks ...
4 months ago Darkreading.com
What CIRCIA Means for Critical Infrastructure Providers and How Breach and Attack Simulation Can Help - Cyber Defense Magazine - To prepare themselves for future attacks, organizations can utilize BAS to simulate real-world attacks against their security ecosystem, recreating attack scenarios specific to their critical infrastructure sector and function within that sector, ...
9 months ago Cyberdefensemagazine.com Akira
331 Malicious Apps with 60 Million Downloads on Google Play Bypass Android 13 Security - Security researchers from Bitdefender have uncovered a large-scale ad fraud campaign involving 331 malicious apps on the Google Play Store. With attackers exploiting loopholes in Android systems and employing sophisticated evasion techniques, users ...
3 months ago Cybersecuritynews.com
Fighting the Next Generation of Fraud - In today's digital age, the landscape of fraud is evolving at an alarming pace. In 2022, 20-59-year-olds reported 63% of all fraud in the United States. Fraudsters have been quick to harness the potential of generative AI to perpetrate various ...
1 year ago Securityboulevard.com
What Is Android System WebView and Should You Uninstall It? | Definition from TechTarget - Android developers use WebView when they want to display webpages or Hypertext Markup Language content in a Google app or other application. Android System WebView is a system component for the Android operating system (OS) that enables Android apps ...
9 months ago Techtarget.com
New Wave of 'Anatsa' Banking Trojans Targets Android Users in Europe - The campaign has been ongoing for at least four months and is the latest salvo from the operators of the malware, which first surfaced in 2020 and has previously notched victims in the US, Italy, United Kingdom, France, Germany, and other countries. ...
1 year ago Darkreading.com
Google Silently Tracks Android Device Even No Apps Opened by User - The research examined cookies, identifiers, and other data stored on Android handsets by Google Play Services, the Google Play Store, and other pre-installed Google apps. When a user searches within the Google Play Store, “sponsored” ...
4 months ago Cybersecuritynews.com
Android App on Google Play Attacking Indian Users To Steal Login Credentials - These loan services, such as KreditApple and MoneyApe, operate outside the Play Store’s scrutiny, redirecting victims to external Amazon EC2 servers to download malicious APKs (KreditApple.apk with SHA-256 fa27aa603eb6807dbc60d5dadc5b8f9b9290099f). ...
4 months ago Cybersecuritynews.com
Three Key Threats Fueling the Future of Cyber Attacks - Improvements in cyber security and business continuity are helping to combat encryption-based ransomware attacks, yet the cyber threat landscape is continually evolving. Protecting an organization against intrusion remains a cat and mouse game, in ...
1 year ago Cyberdefensemagazine.com
AutoSpill attack steals credentials from Android password managers - Security researchers developed a new attack, which they named AutoSpill, to steal account credentials on Android during the autofill operation. In a presentation at the Black Hat Europe security conference, researchers from the International ...
1 year ago Bleepingcomputer.com
Uncertainty Is the Biggest Challenge to Australia's Cyber Security Strategy - Political shifts could lead to changes in Australia's cyber security strategy. Early in 2023, as the Australian government started to craft its cyber security vision, it met with opposition at both ends of the political spectrum. On the right wing, ...
1 year ago Techrepublic.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)