- Human Defense Platform
- New York City
- Washington DC
- Tel Aviv
HUMAN’s Satori Threat Intelligence and Research team announced the disruption of the PEACHPIT ad fraud botnet and their research into the larger BADBOX fraud empire. Let's unpack what we discovered.
Our team’s investigation of the PEACHPIT ad fraud botnet led us to discover a connection with BADBOX. HUMAN’s Satori Threat Intelligence and Research Team observed more than 74,000 Android-based mobile phones, tablets, and CTV boxes showing signs of infection.
PEACHPIT is an ad fraud branch that comes from the root of the BADBOX tree.
The PEACHPIT botnet’s conglomerate of associated apps were found in 227 countries and territories, with an estimated peak of 121,000 devices a day on Android and 159,000 devices a day on iOS.
The collection of 39 Android, iOS, and CTV-centric apps impacted by the scheme were installed more than 15 million times before the apps were taken down.
BADBOX affects consumers from both the public and private sector.
HUMAN's visibility allowed us to identify more than 200 potentially impacted device types.
Of the devices HUMAN acquired from online retailers, 80% were infected with BADBOX.
Once identified, we worked with industry partners to disrupt the PEACHPIT threat in realprotect our partners and their customers. This is the result of modern defense at work.