Multiple nefarious apps purporting to be device tracking tools, VPNs, spam blockers, and dating services on official Google and Apple app stores have been developed by malicious ad tech provider and cybercrime network VexTrio Viper to facilitate illicit cyber activity, according to The Hacker News

Installing the apps, which include 'Spam Shield block' for Android, triggers lures for subscriptions, ad bombardment, and the subsequent compromise of email addresses and other personal details, an analysis from Infoblox revealed. Additional findings showed that VexTrio uses several organizations, including Taco Loco, Teknology, Adtrafico, and Los Pollos, to operate affiliate networks' publishing and advertising components that cater to malware distributors and other threat actors. "Russian organized crime groups began building an empire within ad tech starting in or around 2015. VexTrio is a key group within this industry, but there are other groups. All types of cybercrime, from dating scams to investment fraud and information stealers use malicious adtech, and it goes largely unnoticed," said Infoblox Threat Intel Vice President Dr. Renee Burton.