THE Satori Threat Intelligence and Research Team at HUMAN has disrupted a sophisticated mobile ad fraud scheme named "Trapdoor," which involved 455 malicious Android apps and 183 command-and-control (C2) domains. This operation generated 659 million fraudulent ad bid requests daily and had been downloaded over 24 million times worldwide. Trapdoor operates through a self-sustaining cycle that begins with users installing seemingly harmless utility apps.
It then employs deceptive practices to push fake updates, install malicious software, and automate interaction with hidden ads to create the illusion of genuine traffic. The malware is designed to evade detection by employing advanced tactics to identify its environment and shield itself from security researchers. This disruption serves as a critical reminder for both enterprises and users to be vigilant against malware hidden in mobile applications.