A recent Human Security report detailed a botnet of hundreds of thousands of Android and iOS devices called PEACHPIT. The botnet generated illicit profits for the threat actors behind a broader China-based operation dubbed BADBOX. Another BADBOX operation sells mobile and TV devices infected with the Traida Android malware strain on popular online retailers.

Downloads of apps associated with the PEACHPIT botnet peaked at 121,000 devices per day on Android and 159,000 devices per day on iOS. The 39 apps that comprise the PEACHPIT botnet enabled threat actors to steal data and commit ad fraud on target devices. Users installed the malicious apps over 15 million times in total. Despite previous updates that remove the modules powering PEACHPIT and BADBOX-infected devices, Human Security claims they recently discovered over 200 compromised Android devices, suggesting the threat actor is attempting to bypass defensive efforts.

Read More:

https://thehackernews.com/2023/10/peachpit-massive-ad-fraud-botnet.html