A vast digital scam involving over 224 AI-themed apps has been uncovered, defrauding advertisers worldwide. With billions of fake ad requests daily, the operation, dubbed “SlopAds,” turned smartphones into ghost click farms until Google and researchers intervened.
A Sophisticated Ad Scam Disguised as AI
Security researchers from HUMAN’s Satori Threat Intelligence and Research Team, working with Google, uncovered one of the largest ad fraud schemes in recent memory. The network, known as “SlopAds,” revolved around more than 224 AI-themed apps hosted on the Google Play Store.
India to Honour Top CISOs from Police, Law Enforcement, and Defence Forces
Once installed, these apps secretly downloaded a malicious payload called FatModule, which created hidden web browsers (WebViews) on victims’ devices. These invisible browsers simulated ad views, clicks, and impressions — essentially transforming unsuspecting smartphones into ghost click farms.
Scale of the Fraud: Billions in Fake Traffic
The operation grew to alarming proportions. According to researchers, the apps were downloaded over 38 million timesacross 228 countries and territories. At its peak, the network generated 2.3 billion ad bid requests every single day, siphoning money away from advertisers and ad networks.
Traffic analysis showed that most fraudulent clicks originated in the United States (30%), followed by India (10%) and Brazil (7%). Investigators noted that the use of AI-themed apps was deliberate, capitalizing on the global surge in artificial intelligence–related interest to attract unsuspecting users.
Google’s Response and Ongoing Risks
After HUMAN shared its findings, Google removed all identified apps from the Play Store and notified users who had installed them, urging immediate deletion. While this takedown dismantled SlopAds in its current form, experts warn that the threat is far from over.
“The sophistication of SlopAds suggests that threat actors will adapt their scheme again,” HUMAN researchers cautioned. “These fraud operations evolve constantly, continuing to exploit the digital advertising ecosystem.”