Security researchers found 10 apps on the App Store that were involved in ad fraud. These apps generate revenue by impersonating legitimate apps and showing lots of ads to iPhone users.
HUMAN's Satori Threat Intelligence team found that the apps were part of an ad fraud campaign they called "Scylla." This is the third wave of fraud detected since August 2019, and Apple has been fighting it. At present, these applications have been deleted from the Apple App Store, and if you have installed these applications, you should also pay attention to them.
Loot the Castle - com.loot.rcastle.fight.battle (id1602634568)
Run Bridge - com.run.bridge.race (id1584737005)
Shinning Gun - com.shinning.gun.ios (id1588037078)
Racing Legend 3D - com.racing.legend.like (id1589579456)
Rope Runner - com.rope.runner.family (id1614987707)
Wood Sculptor - com.wood.sculptor.cutter (id1603211466)
Fire-Wall - com.fire.wall.poptit (id1540542924)
Ninja Critical Hit - wger.ninjacriticalhit.ios (id1514055403)
Tony Runs - com.TonyRuns.game
These ad-frauding apps use bundle IDs that don't match their published names, and the IDs are frequently changed to evade detection. Notably, the researchers found 10 ad fraud apps on Apple's iOS App Store and more than 70 ad fraud apps on Google's Play Store.
Security researchers recommend that mobile phone users should pay attention to apps that use a lot of power and data, and avoid installing apps from questionable developers.