The sub-techniques beta is now live! Read the release blog post for more info.

Generate Fraudulent Advertising Revenue

An adversary could seek to generate fraudulent advertising revenue from mobile devices, for example by triggering automatic clicks of advertising links without user involvement.

ID: T1472
Tactic Type: Post-Adversary Device Access
Tactic: Impact
Platform: Android, iOS
Version: 1.0
Created: 25 October 2017
Last Modified: 03 July 2019

Procedure Examples

Name Description
Gooligan

Gooligan can install adware to generate revenue.[3]

HummingBad

In July 2016, HummingBad generated more than $300,000 per month in revenue from installing fraudulent apps and displaying malicious advertisements.[1]

HummingWhale

HummingWhale generates revenue by displaying fraudulent ads and automatically installing apps. When victims try to close the ads, HummingWhale runs in a virtual machine, creating a fake ID that allows the perpetrators to generate revenue.[4]

Judy

Judy uses infected devices to generate fraudulent clicks on advertisements to generate revenue.[2]

Mitigations

Mitigation Description
Application Vetting

References