Security Researchers Discover 10 App Store Apps Engaging in Ad Fraud

Security researchers discovered 10 "adware" apps on the App Store that were engaging in ad fraud, according to a report from Bleeping Computer. The apps were designed to generate revenue by impersonating legitimate apps and presenting a deluge of ads to iPhone users.

iOS App Store General Feature Sqaure Complement
Discovered by HUMAN's Satori Threat Intelligence team, the mobile apps are part of an ad fraud campaign they're calling "Scylla." It is the third wave of a fraud operation first discovered in August 2019, which Apple has been fighting. The apps have been removed from the ‌App Store‌ at this point, but if you have the following apps installed, you should delete them:

  • Loot the Castle - com.loot.rcastle.fight.battle (id1602634568)
  • Run Bridge - com.run.bridge.race (id1584737005)
  • Shinning Gun - com.shinning.gun.ios (id1588037078)
  • Racing Legend 3D - com.racing.legend.like (id1589579456)
  • Rope Runner - com.rope.runner.family (id1614987707)
  • Wood Sculptor - com.wood.sculptor.cutter (id1603211466)
  • Fire-Wall - com.fire.wall.poptit (id1540542924)
  • Ninja Critical Hit - wger.ninjacriticalhit.ios (id1514055403)
  • Tony Runs - com.TonyRuns.game

The apps committing ad fraud used a bundle ID that did not match their publication name, making it appear to advertisers that impressions came from a more profitable software category. The apps apparently imitated CTV-based apps, with IDs changing often to evade detection.

While 10 apps were found on the iOS ‌App Store‌, more than 70 were found on Google's Play Store, and adware is a much more severe problem on Android devices. Apple's ‌App Store‌ review process was able to lessen the severity of the problem on iOS devices, but there are still apps that slip through.

Adware is more of an annoyance than a serious issue on the ‌App Store‌, but it is something that ‌iPhone‌ owners should be aware of. Security researchers suggest that smartphone users should look for rapid battery drainage and increased internet data usage to spot apps that are fraudulently using ads in the future. Avoiding installing apps from suspicious developers is also a good idea.

Top Rated Comments

Basic75 Avatar
9 months ago

Avoiding installing apps from suspicious developers is also a good idea.
Wasn't the whole point of the walled garden to prevent suspicious apps and developers?
Score: 29 Votes (Like | Disagree)
CWallace Avatar
9 months ago
The App Store certainly has plenty of issues, but just consider how much worse it would be if Apple just let everyone post any app they wanted without any attempt at oversight...
Score: 22 Votes (Like | Disagree)
wordsworth Avatar
9 months ago
Critics seem to conveniently ignore how difficult if not downright impossible it is to achieve a perfect system (any system), under the impression here, perhaps, that all Apple's wielding of the 'magic' sales pitch means the company can indeed achieve magical (ie 'perfect') results. Real world scenario: choose your poison – Apple or Android. A walled garden doesn't prevent weeds but if carefully attended to, it will minimise them.
Score: 18 Votes (Like | Disagree)
ponzicoinbro Avatar
9 months ago

And another for the list of bullet points debunking Apple's lies about sideloading.


The story literally says it is worse on Android so unless someone reading the story has cognitive problems, this story backs up Apple and proves sideloading is a menace when it comes to piracy and and ad fraud.

Developers wont benefit one bit from sideloading because apps will be pirated massively and a lot of those pirate apps will contain malware and user tracking ads.

As people point out, the only people who support sideloading on smart phones are:

- organized criminals spamming forums to demand sideloading.
- pirates who don’t want to pay for apps.
- just people with a bad grudge and a chip on their shoulder.
Score: 15 Votes (Like | Disagree)
GeoStructural Avatar
9 months ago
This is IMPOSSIBLE, the App Store review process is the standard in privacy and security. The walled garden is here protect us from the evils of external apps. /s


Edit: Let's remember that Apple went as far as to trash their own desktop OS in front of a judge to support their monopolistic practices in iOS: Craig Federighi says the Mac has an ‘unacceptable’ malware problem ('https://9to5mac.com/2021/05/19/craig-federighi-mac-malware-problem/')
Score: 11 Votes (Like | Disagree)
autrefois Avatar
9 months ago

Avoiding installing apps from suspicious developers is also a good idea.
I was kind of hoping that Apple would be better at spotting suspicious developers than I am.
Score: 11 Votes (Like | Disagree)

Popular Stories

google drive for desktop1

Google to Roll Out New 'Drive for Desktop' App in the Coming Weeks, Replacing Backup & Sync and Drive File Stream Clients

Tuesday July 13, 2021 1:18 am PDT by
Earlier this year, Google announced that it planned to unify its Drive File Stream and Backup and Sync apps into a single Google Drive for desktop app. The company now says the new sync client will roll out "in the coming weeks" and has released additional information about what users can expect from the transition. To recap, there are currently two desktop sync solutions for using Google...