| SYMBOL | COMMON_NAME | aka. SYNONYMS |
SlopAds is a sophisticated ad fraud and click fraud operation involving a collection of 224 apps, downloaded over 38 million times globally. The threat actors utilize steganography, hidden WebViews, and a mobile marketing attribution platform to execute their fraud schemes, which include generating fraudulent ad impressions and clicks. Their infrastructure comprises multiple C2 servers and over 300 related domains, indicating plans for expansion. The operation has been linked to 2.3 billion bid requests per day, with significant traffic originating from the United States, India, and Brazil.
There are currently no families associated with this actor.
| 2025-09-16
⋅
HUMAN
⋅
Satori Threat Intelligence Alert: SlopAds Covers Fraud with Layers of Obfuscation SlopAds |