Experts from Human Security (formerly White Ops) have discovered the Pareto botnet that infects Android devices and uses them to scam the television advertising ecosystem. Currently, Pareto has infected more than a million devices and impersonates millions of people watching ads on smart TVs and other devices.
Human Security reports that the botnet has used dozens of mobile apps to mimic or tamper with more than 6,000 Connected TV (CTV) applications, and on average it processes more than 650,000,000 ad requests per day.
Malware successfully masquerades as consumer TV streaming products running Fire OS, tvOS, Roku OS, and other well-known CTV platforms.
“This approach is very profitable for fraudsters, as the prices of ads on CTV are often significantly higher than on mobile devices or on the Internet,” the company explains.
For the first time, experts noticed this mobile botnet last year, and are now working to eliminate the threat, collaborating with experts from Google, Roku and so on. Dealing with a botnet is difficult, as its operators have changed spoofing mechanics more than once over the past year and have come up with new ways to disguise fake traffic.