According to a new report from BuzzFeed, fraud detection company Protected Media has uncovered a new scam whereby in-app ads are hacked to silently play multiple video ads behind legitimate ads. Scammers purchase cheap banner space and then infiltrate it with video ads, profiting at the expense of users and ad networks. Stacking multiple ads behind a legit ad banner is known as ad stacking and it isn’t a new phenomenon. The new version of this scam discovered by Protected Media could help bad actors rake in revenue worth tens of millions of dollars.
Since video ads are power and resource intensive, the Android apps on which these hidden ads are being run on drain battery life as well as data. Although the video ads play silently in the background, they are still registered as completed. For ad networks, it means missing out on revenue that would have otherwise come to them if the ad spots were bought legitimately for running video ads.
Per Protected Media, most of the banner ads bought for this scheme used Twitter’s MoPub ad platform. BuzzFeed has vindicated Twitter’s ad platform of any wrongdoing but that doesn’t change the fact that the platform had a vulnerability that was successfully exploited by nefarious actors. Twitter is currently investigating the issue.
Investigations have linked a good number of these ads to the Israeli company Aniview and its subsidiary OutStream Media. Outstream was apparently behind the banners and codes that were found in the phony ads. Aniview has denied any wrongdoing and says that the culprit is an unknown user who registered on its platform and then used the banner ad images created by Outstream Media. The company further says that it has taken actions to stop such activities and it must not be held responsible for the unethical use of its platform. The company says it's doing an internal incident review right now and has also notified its clients that its platform must be used according to its policy.
Protected Media says it’s not unusual for ad tech companies to engage in such fraudulent ad schemes. While it remains to be seen whether Aniview had any part to play in all of this, there could surely be other companies out there involved in similar illegal activities. The problem with these scams is that since the illegitimate ads are not visible, it is difficult to trace them down and remove them.
Another fraud investigation company, DoubleVerify, found out a similar scheme in 2018 and its CEO, Roy Rosenfeld, echoed similar concerns, saying how good the scammers are at obfuscating their activities and monetizing their ad inventory.
For now, it doesn’t seem ad stacking, or ad stuffing as it’s often called is going away anytime soon. For users, this could mean having their phones die on them without knowing what could be wrong. The best approach would be to report an app that seems to be eating away at the battery to developers so the mater can be further investigated.