Now available: click fraud protection for Facebook and InstagramLearn more
Now available: click fraud protection for Facebook

Click Fraud Example: “DrainerBot” Placed Hidden Video Ads

Click Fraud Example: "DrainerBot" Placed Hidden Video Ads

In 2021, mobile phones will generate 54.25% of web traffic, with 42.9% of desktop. Over the course of the year, mobile user share increased by over 10%, whereas desktop internet usage continues to decline.  It probably comes as little surprise that cybercriminals, hackers and programmers are targeting mobile websites and applications.

The advantage for fraudsters is that mobile users will leave apps running in the background of their smartphones all the time. How many of us get that message appear when downloading an app but think nothing of it before accepting it? Unfortunately, that one mistake can unwittingly leave you at the mercy of mobile app fraud.

What is DrainerBot?

In February 2019, Oracle announced the discovery of DrainerBot, a mobile ad fraud operation that infected millions of consumer apps. The apps downloaded hidden video ads that ran in the background of consumer’s devices, consuming over 10GB of data per month and costing device owners hundreds of dollars in data charges. Additionally, the DrainerBot creators earned millions by receiving commissions from pay-per-view ad fees and affiliate payouts from hidden video ads..

The device owners will never see a video running in the background, although it caused significant battery drain and data usage (95% battery drain in one hour and 5GB of data in two weeks). There were five popular mobile apps affected by DrainerBot.

  • Touch and Beat – Cinema
  • Draw Clash of Clans
  • Solitaire: 4 Seasons (Full)
  • Vertex Club
  • Perfect 365

Some of the apps were discontinued immediately, and others needed work on the code base before releasing an update. All of them would have suffered reputational damage.

It’s unclear how long DrainerBot was running before Oracle discovered it. It was found in malicious software development kits (SDKs) relating to the above-mentioned Android mobile apps.  Each of the apps link back to Tapcore SDK, a company out of The Netherlands that had ten apps available via Google Play at the DrainerBot discovery. Tapcore denied involvement in any malware but launched a full investigation.

Digital ad fraud like DrainerBot can cost consumers, advertisers and publishers billions of dollars per year. According to Juniper Research, this will reach $44 billion globally in 2022. As well as the financial impact, digital ad fraud creates several problems for advertisers and publishers.

  • Wasting advertising budget on false clicks
  • Wasting time pursuing bad leads
  • Harming brand reputation by association with ad injection fraud
  • Legal fees involved in investigating fraud
  • Skewed metrics in data affecting future marketing campaigns

The DrainerBot operation highlights the need for a multi-layered to identifying digital ad fraud by combining different cloud technologies. The number of infection vectors is growing increasingly complex, and the bottom line is that organizations need to pay closer attention to applications and who is writing them.

There have been plenty of other high profile mobile app fraud cases in the last few years. Walgreens, Mobikwik, and ParkMobile are three with consequences affecting millions of people.

How to prevent ad fraud?

The DrainerBot incident occurred over two years ago at the time of writing. That’s pre-pandemic when smartphone usage was nowhere near as high as it is today. In 2021, there is an even greater potential for harm if the proper fraud measures are not in place.

Fraud Blocker provides several features that can help you prevent ad fraud. Complex algorithms can detect some of the most popular and sophisticated fraudulent click activity used today.

The Fraud Blocker platform can check for complex bots, locate potential click farms, understand the cause of accidental clicks, find malicious publishers or vengeful customers. The 24/7 fraud monitoring detects fraudulent ad clicks and then blocks them from displaying in real-time while also alerting you that it has done so.

Fraud Blocker can be installed on virtually any website in less than five minutes and has the potential to save you thousands of dollars and protect your customers. Contact our team of experts today to see how we can eliminate wasteful spending and maximize your ROI.


More from Fraud Blocker