Upstream unveils the “supervillain” league behind malware-infected phones
March 2020 by Upstream
Upstream has unveiled a new team of supervillains in a bid to explain the complex workings of malware and mobile ad fraud. Each of the supervillains represents one of the five typical rogue behaviours of malicious apps currently in operation. The team of supervillains has been named "The Villain League of Mobile Ad Fraud" with each ad fraud archetype brought to life in classic comic book style with an accurate explanation of how they operate backed up by a fantasy story for their origin.
The new supervillain league includes Phone Jacker, who secretly infects apps, taking control of millions of phones to relentlessly load invisible ads so he can steal from advertisers; Clickbot, who commands an army of bots that spread across sites under their control, creating millions of fake clicks on ads that no-one ever sees; Click Jacker, who hides evil links behind elements of a website such as buttons and ads to trap unsuspecting web users; IP Spoofer, who users her power to create fake IP addresses that masquerade as the source of views or clicks on ads, syphoning money; and Emulator, who tricks advertisers into thinking that traffic is coming from the fake mobile devices he creates. The supervillains can be seen together here: https://www.secure-d.io/typesofmobi...
Geoffrey Cleaves, Head of Secure-D at Upstream commented: “A lot of people now understand that there is a massive problem with mobile malware, particularly within the Android ecosystem. But just knowing that there is a problem and fearing it will not get us very far. We need to bring malware and the fraudsters behind them out of the shadows, understand what they are doing, how they are doing it and how they are making money from it. By developing these supervillains we’re trying to make a serious point – hopefully in an engaging way - and move the conversation onto understanding and addressing the problem, rather than just fearing it.”
Upstream recently released an in-depth report explaining the scale of the mobile ad fraud and mobile malware problem, called The Invisible Digital Threat. In that report, the company explained how cybercriminals operate and the impact it has on consumers and businesses. The number of malicious apps discovered by Upstream’s anti-fraud platform Secure-D in 2019 rose to 98,000, up from 63,000 in 2018. These 98,000 malicious apps have infected 43 million Android devices across the 20 countries where Secure-D is deployed.
The company that dreamed up the supervillains, Upstream, partners with mobile operators around the world to protect their users in real time. As of the end of 2019 Upstream is integrated with 31 mobile operators across 20 countries detecting and blocking fraudulent transactions initiated by mobile malware, via its Secure-D platform. Left unchecked, malware operating in these 20 markets would have cost users around $2.1bn in unwanted charges. Mobile ad fraud is a multi-billion dollar criminal enterprise and it is estimated that by 2023, digital advertising global losses will reach $100 billion .
Cleaves concluded: “We live in an age where superheroes and supervillains represent many of the world’s biggest cultural icons. We also live in a time where mobile malware is running rampant. It is a little understood criminal enterprise on a massive scale. Much like comic book villains, cybercriminals are plotting world domination and collecting unlawful millions. They operate in the shadows and target businesses and consumers alike. The team at Upstream takes blocking malware very seriously. With the supervillain league we have tried to explain a complex problem to both industry and consumers in an understandable and fun way.”
 “Losses from online, mobile and in-app advertising expected to reach $100b by 2023”, Juniper Research