These 80+ apps could be running adware on your iPhone or Android device

Cybersecurity company Human has uncovered another adware campaign engaging in ad fraud that is targeting iOS and Android devices. In the simplest terms, ad fraud allows a bad actor to either visibly spam an app with ads, or to manipulate the code in such a way that the ads are invisible to the user while the bad actor extracts advertising money from a marketer.

In each iteration, it’s fraudulent. Ad fraud has been widespread in the industry for a while, and the latest investigation uncovered a cache of over 75 Android apps listed in the Google Play Store and nearly a dozen apps on Apple’s App Store that are engaged in various forms of ad fraud.

Andy Boxall / DigitalTrends

The bad apps have been collectively downloaded over 13 million times across Google and Apple’s app ecosystems. After being notified by Human, Google and Apple have since expunged the apps from their respective app repositories.

This is the third wave of the same attack, which was first reported in 2019 and was labeled Poseidon. The second wave that raised its head in 2020 was christened Charybdis, while the ongoing attack wave has been bestowed the name Scylla. Over time, the targeting campaign gained the ability to obfuscate the malicious code and SDK-targeting capability.

By the time the Scylla adware campaign raised its head, it could pass itself off as a legitimate game, tricking advertisers into spending more money. The fraud uses hidden ads that are not visible to the users, or just out-of-context apps that randomly pop up on the screen. Gaming the ad view metrics was also observed as a means to register ad clicks and make money.

What’s the safe road ahead?

The most reasonable course of action is to delete the problematic apps, assuming they are already installed on your phone. You can check the entire list of adware-ridden applications on Human’s website. An effective precautionary step is to always install apps from reliable developers and publishers.

Another option is to upgrade to an app’s premium version if the free tier is showing too many shady ads that enable click-through to an even more malicious webpage. App developers don’t always have overreaching control over the ads appearing on their apps.

We live in an era of continuous web tracking, and targeted ads that are modeled after behavioral patterns are the most invasive. Since advertising companies often rely on breadcrumbs of our online activities, you should clear your browser history, cache, and cookies from time to time.

You can also try specialized adware removal apps, just to be on the safe side. NordVPN offers a fairly robust ad-blocking system. Other reliable options are Adware Cleaner by Pocket Bits, Norton Ad Blocker, TotalAV, and Malwarebytes.

Adware is not a new phenomenon, especially on the Android side of the ecosystem. But despite Apple’s claims of a safe app ecosystem, iPhones aren’t really impervious. Security firm Wandera spotted 17 apps on the App Store in 2019 that were running invisible ads and clocking ghost clicks to generate ad revenue.

In 2018, a Cisco Talos researcher uncovered a highly targeted attack that only affected 13 iPhones in India by weaponizing the MDM server. One of the suspicious outcomes of the attack was random ads appearing on the infected devices. But the malware ecosystem is an ever-evolving landscape. Just over a month ago, the experts at Germany’s Technical University of Darmstadt cooked up a lethal malware that is delivered via Bluetooth and can even infect an iPhone when it’s powered off.

Related posts

Latest posts

Mail app for macOS will soon get an overdue AI upgrade

Apple demoed an AI-charged Mail experience months ago, but delayed one of the crucial tricks for Macs. It seems a macOS update will finally serve it in April.

I compared the two of the most powerful mobile chipsets — here’s what happened

The Snapdragon 8 Elite and Dimensity 9400 are two of the most popular smartphone chips. I compared them head-to-head.

Qualcomm expands Snapdragon 8 Elite lineup with new 7-core variant

The lower-tier offering comes as Qualcomm is rumored to be working on midrange and overclocked Snapdragon 8 Elite variants.

Instagram tries to capitalize on TikTok uncertainty with new ‘Edits’ app

Meta's building quite the reputation for trying to steal users while their competitors are down.

Stuffcool Giga is the Indian brand’s best 65W power bank yet

Stuffcool makes dozens of power banks, and the 20,000mAh Giga is its best yet. This 65W power bank is significantly

TikTok is Working Again in the U.S., But Still Removed From App Store

Well, that didn't last long. Less than a day after TikTok became temporarily unavailable in the U.S., the app is

The best OnePlus 13R cases for 2025

The OnePlus 13R is the newest and most advanced OnePlus midrange phone around. Keep it safe with one of these great cases.

TikTok goes dark in the US with a bunch of other ByteDance apps

TikTok has shut down in the US, and the app is no longer available to download on mobile. The company has now pinned its hopes on President-elect Donald Trump.

Forget DLSS 4 — this app already does multi-frame generation

DLSS 4 promises multi-frame generation to RTX 50-series GPU, but this app includes the feature for any graphics card.

Everything you need to know about AI agents and what they can do

Agents are specialized language and reasoning models that can work independently to automate repetitive tasks without direct human oversight. Here's everything you need to know about the "next big thing" in generative AI.