The pair created malware that faked user clicks.
Facebook has filed a lawsuit today against two Android app developers for infecting their users with malware that faked clicks on ads. Both the Hong Kong-based JediMobi and the Singapore-based LionMobi were a part of the social media giant’s Audience Network. The program lets Facebook’s advertisers host their ads on participating mobile apps, whose developers receive a payout if a user clicks through. In the case of JediMobi and LionMobi, Facebook alleges that many of ad clicks generated through their apps weren’t from an actual human.
According to a statement from Facebook, the developers created Android apps infected with malware that faked user clicks on the social media platform’s ads. The apps in question are pretty basic by design — they include apps to clear up phone storage, save battery life, scan for viruses and a note pad.
Some of the users may have caught wind that something was suspect before Facebook did, according to reviews from the Google Play Store. One reviewer for JediMobi’s notepad app simply wrote, “Malware. Will show you ads page on your desktop even leaving the app.” Another user mentioned that a negative review they wrote of the app was deleted. Others complained that the app had unauthorized access to their phone’s lock screen or contacts.
Ironically, many reviewers of LionMobi’s phone cleaning app complained that the app was actually slowing down their phone. “Worst app. It always slows down my phone and shows adult ads,” wrote one user.
Facebook already banned JediMobi and LionMobi from the Audience Network, and refunded the impacted advertisers. But pursuing legal action against the developers likely indicates that Facebook wants to make an example out of this particular adware campaign. The social media giant called the lawsuit “the first of its kind against this practice.” Adware laced-apps are common on both iOS and Android platforms — and neither Apple nor Google have found out how to stop the fraud. Security researchers earlier this year found over 200 Google Play apps infected with malware and downloaded over 150 million times.