Generate Fraudulent Advertising Revenue

An adversary could seek to generate fraudulent advertising revenue from mobile devices, for example by triggering automatic clicks of advertising links without user involvement.

ID: T1472
Tactic Type: Post-Adversary Device Access
Tactic: Impact
Platform: Android, iOS
Version: 1.0

Procedure Examples

Name Description
Gooligan Gooligan can install adware to generate revenue. [3]
HummingBad In July 2016, HummingBad generated more than $300,000 per month in revenue from installing fraudulent apps and displaying malicious advertisements. [1]
HummingWhale HummingWhale generates revenue by displaying fraudulent ads and automatically installing apps. When victims try to close the ads, HummingWhale runs in a virtual machine, creating a fake ID that allows the perpetrators to generate revenue. [4]
Judy Judy uses infected devices to generate fraudulent clicks on advertisements to generate revenue. [2]

Mitigations

Mitigation Description
Application Vetting

References