Is your Android phone battery unusually low frequently? Or is it using noticeably more data than it used to? This could potentially mean you are a victim of DrainerBot. DrainerBot is a huge fraud operation which is being dispersed through Google Play Store apps. Applications which included the ‘DrainerBot’ code have been collectively downloaded more than 10 million times, researchers concluded on Wednesday.
Revelations regarding DrainerBot came from teams under ad-tracking biz Moat and internet infrastructure outfit Dyn. They started investigating after they spotted an increase in browsing activity from Android apps. According to them, DrainerBot code was distributed through an infected SDK integrated into “hundreds of popular consumer Android apps and games.”
Various types of applications included the code. Ranging from makeup and beauty applications to mobile gaming applications. These included augmented reality beauty app Perfect365, Draw Clash of Clans for sketching characters from the game, music app Touch ‘n’ Beat and more. Oracle claims that these apps have been downloaded more than 10 million collectively. The apps secretly downloaded hidden video ads. This led to phones consuming as much as 10 GB per month of bandwidth. While the videos are not visible, the downloads generate fraudulent advertising revenue each time a legitimate end user device appears to view a video while visiting a spoofed but legitimate publisher site. This leads to a lot of battery drain, even if the phone is in rest mode or is idle the code continues to run in the background.-
Eric Roza, senior vice president, and general manager of Oracle Data Cloud stated, “DrainerBot is one of the first major ad fraud operations to cause clear and direct financial harm to consumers,” and he further went on to say, “DrainerBot is one of the first major ad fraud operations to cause clear and direct financial harm to consumers.”
Oracle claimed that the code seemed to be distributed Dutch firm Tapcore. Due to the company’s false claims of being involved in detecting and tackling ad fraud. Tapcore denied any knowledge of Drainerbot stating it was “extremely surprised and alarmed by the allegations and attempt to connect the company” with DrainerBot. You can read more in the detailed report published by The Register here.
Ever since this report was published by Oracle. Google has started its own investigation and has started to remove the applications that contained the code. You can check whether your phone is infected or not here.