A recent threat intelligence alert details a widespread ad fraud scheme named SlopAds, where over 200 Android apps, downloaded tens of millions of times globally, use obfuscation and conditional behavior to deliver hidden ad impressions and clicks only under certain conditions. The apps deploy techniques like steganography and hidden WebViews to deliver fraudulent ad traffic while avoiding detection from both users and security tools. This operation highlights how mobile ad fraud is evolving: threat actors are increasingly hiding their infrastructure behind layers of measurement tools and deceptive installs, making it far harder to defend endpoints and ad networks.
Read the full report here.
