A free app with no ads is suspicious. In the case of the "Any Light" flashlight, which was available on Google Play, something fishy was indeed going on. Behind this seemingly mundane utility ran a rather sophisticated scam designed to defraud advertisers, as security researchers at Human Security observed.
In fact, the app was constantly connecting to marketplaces to offer advertising space while pretending to be a streaming application for a TV box such as Roku Player, Apple TV, Amazon Fire Stick, LG Smart TV or Google Chromecast.
The reason is that an advertisement on such equipment sells for a higher price than one on a smartphone. If the masquerade works, the duped buyer pays full price and receives a false display confirmation. All of this is completely invisible to the user of the flashlight, who never sees anything displayed.
The author of this scam is reportedly TopTopMedia, a subsidiary of the Israeli group M51. This company developed at least 29 Android applications integrating the TopTopSDK programming interface, through which the fraudulent mechanism was executed. These programs simulated over 6,000 streaming applications and were downloaded by over a million people. This generated more than 650 million ad requests per day on average.
In addition, there were 36 fake apps from the Roku Channel Store, an application marketplace dedicated to Roku boxes. Again, fake advertising space was sold to the highest bidders. All of these bogus apps have since been removed, with the help of Google and Roku.
Source: Human Security