

Thousands of Apps Secretly Run Ads That Users Can't See - emeraldd
http://www.bloomberg.com/news/articles/2015-07-23/thousands-of-apps-secretly-run-ads-that-users-can-t-see

======
jimrandomh
The actual study is [http://forensiq.com/download/Forensiq-
MobileDeviceHijacking-...](http://forensiq.com/download/Forensiq-
MobileDeviceHijacking-201507.pdf)

Highlights:

* For each suspect app, they took a factory-reset device or emulator, installed it, then observed packet captures

* They estimated advertisers lose 13% of ad spend to fraud

* They captured a script that simulated random clicks on advertisers' landing pages

* They observed evidence of malicious apps spoofing the IDs of legitimate apps that don't show adds

* Malicious apps would "establish on average 1100 connections per minute and communicate with 320 ad networks, ad servers, exchanges and data providers in the course of an hour"

------
joeld42
I mean, I'm sure this is happening, but are they sure this isn't just sloppy
prefetching? I've seen a lot of ad sdk's do this poorly, for example if you
drop in five ad sdks with a sloppy mediation layer on it, all of them could
just prefetch a bunch of ads when you first launch the app. Are they sure
these apps are actually reporting forged impressions?

------
crumpled
Developers protecting the user experience, while finding some way to make
revenue.

I'm not saying it's right. But revenue is a puzzle. People hate ads in apps.

~~~
noxToken
Is finding that an app used 2 gigs of data when it is supposed to be an
offline experience considered "protecting the user experience"?

------
georgeecollins
Ad partners are going to notice a horrible CTR. This is a kind of fraud that
doesn't last long.

------
MichaelCrawford
Android and iOS have /etc/hosts, which you can edit if you jailbreak. I dont
know about Windows phone, they run something from Nokia.

Some but not all Android devices permit you to install firmware you build
yourself. Drivers for undocumented chips can be a problem

You can block IPs at your firewall. I havent actually tried it but I
understand you can install a VPS client so you could use a firewall even when
you're at a wifi spot.

