What you need to know
- Google removed over 180 apps spanning across 56 million downloads, due to a massive ad fraud scheme tricking advertisers into paying for fake user engagement.
- The fraudsters created vapor apps, that were disguised as genuine popular apps, that ran recurring ads making it difficult for users to delete.
- The IAS worked with Google to identify and take down these apps from the Play Store
Google is working on deleting a massive number of apps from its Play Store following an“extensive and sophisticated ad fraud scheme” (as first spotted by Forbes), that seems to have impacted over 56 million downloads that spanned across 180 odd apps.
According to the publication, it seems like Google was trying to play catch up by sending out security patches in an attempt to fix the issue that’s causing several apps to turn malicious. However, it seems like it was all in vain, and now the only way to practically fix this issue was by deleting the apps that caused it.
An Ad-fraud scheme is different from a Malware or a Firmware that takes over devices. It involves people tricking advertisers into paying for genuine user engagement in the pretext of showing these ads on real apps, however they are not actually reaching real users. It could also show users ads extensively on the app, which will lower user experience, leading to people moving away from Play Store to download apps.
Furthermore, the publication adds that these fraudsters create something called “vapour” apps and showcase them on the popular category of the app store and users unknowingly will download these look-alike apps (like flashlights or QR code readers) but end up getting one filled with unnecessary ads. “Upon installation, these apps are often accompanied by a persistent notification, subtly ensuring their continued operation. Some of these apps have no visible icon or ‘open’ button available for the user to interact with,” Forbes added.
How Google tackled this
This not only impacts users, but also genuine advertisers who are willing to shell out money to make their products more visible on the App store. Genuine app developers who rely on advertisers for revenue are also impacted by this scheme, undermining the overall integrity of the Play Store. It seems like these apps have slipped through Google Play Protect as well, Android’s defense against malware and permission abuse, that is essentially there to keep devices safe from harmful apps.
Finally, Integral Ad Science (IAS), an agency that worked with Google to “actively disrupt this fraudulent operation, collaborating with industry partners to minimize its impact.” As a result, Google has gone ahead and removed all fraudulent apps from the Play Store.
In response to IAS’ report Google stated it is taking proactive measures to protect the Play Store from these vapor apps. “Google Play Protect will warn users and automatically disable these apps, even when they originate from sources outside of Google Play.”