The Satori Research Bulletin exposes SlopAds, a large-scale ad and click fraud operation involving over 224 apps and 38 million downloads across 228 countries. SlopAds hides malicious code inside image files using steganography and activates only if downloads originate from the attackers’ own ad campaigns. Once installed, infected apps contact command servers, retrieve hidden modules, and execute fraudulent ad activity. At its peak, the network generated 2.3 billion bid requests daily. The investigation highlights how SlopAds abuses attribution tools to evade detection and underscores HUMAN’s efforts to detect, analyze, and dismantle sophisticated cybercrime operations.

Join for free to read