Trapdoor Android Ad Fraud Scheme Hit 659 Million Daily Bid Requests Using 455 Apps

Researchers disclosed "Trapdoor," a large Android-focused malvertising and ad-fraud campaign that leveraged 455 malicious apps and 183 C2 domains to create a self-sustaining fraud pipeline—peaking at ~659 million bid requests/day and over 24 million app downloads—by using multi-stage app installs, hidden WebViews loading HTML5 cashout domains, install-attribution abuse, selective activation for ad-acquired users, and multiple anti-analysis/obfuscation techniques; Google removed the identified apps following disclosure.