Each of the supervillains represents one of the five typical rogue behaviours of malicious malware apps currently in operation. The team of supervillains has been named "The Villain League of Mobile Ad Fraud" with each ad fraud archetype brought to life in classic comic book style with an accurate explanation of how they operate backed up by a fantasy story for their origin.
The new supervillain league includes Phone Jacker, who secretly infects apps, taking control of millions of phones to relentlessly load invisible ads so he can steal from advertisers; Clickbot, who commands an army of bots that spread across sites under their control, creating millions of fake clicks on ads that no-one ever sees; Click Jacker, who hides evil links behind elements of a website such as buttons and ads to trap unsuspecting web users; IP Spoofer, who users her power to create fake IP addresses that masquerade as the source of views or clicks on ads, syphoning money; and Emulator, who tricks advertisers into thinking that traffic is coming from the fake mobile devices he creates. The supervillains can be seen together here.
Geoffrey Cleaves, Head of Secure-D at Upstream commented: “A lot of people now understand that there is a massive problem with mobile malware, particularly within the Android ecosystem. But just knowing that there is a problem and fearing it will not get us very far. We need to bring malware and the fraudsters behind them out of the shadows, understand what they are doing, how they are doing it and how they are making money from it. By developing these supervillains we’re trying to make a serious point – hopefully in an engaging way – and move the conversation onto understanding and addressing the problem, rather than just fearing it.”