Share on LinkedIn
Share on XThe Scheme
The IAS Threat Lab has uncovered an extensive and sophisticated ad fraud scheme, codenamed Vapor, that leverages fake Android apps to deploy endless, intrusive full-screen interstitial video ads. Vapor exploits unsuspecting users and ad networks on a massive scale, representing a highly organized and pervasive ad fraud scheme.
Threat Lab has identified over 180 app IDs since early 2024 as part of the Vapor scheme, collectively amassing over 56 million downloads and generating over 200 million bid requests daily, with no real functionality delivered to users.
The Takedown
The IAS Threat Lab has actively worked to disrupt this fraudulent operation, collaborating with industry partners to minimize its impact. As a result of our findings, Google has removed all identified apps from the Play Store. Google Play Protect will warn users and automatically disable these apps, even when they originate from sources outside of Google Play.
We continue to monitor the Vapor operation as threat actors adapt their tactics and as new apps are added to the scheme.
Download the full report to access comprehensive insights on the Vapor scheme, including app design and timeline of events.
IAS partners are safeguarded against the impact of the Vapor threat through our fraud pre-bid avoidance solution available within their DSPs. Our advanced machine learning models power our fraud segments to ensure DSPs do not bid on impressions that originate from these apps. Explore our ad fraud solutions to learn more.
