Google removes 331 malicious apps from Play Store linked to ‘Vapor Operation’

Bitdefender, a cybersecurity firm, has uncovered a large-scale ad fraud and phishing campaign involving 331 malicious apps on the Google Play Store. Known as Vapor Operation, the campaign bypassed Android 13 security measures and amassed over 60 million downloads. Initially discovered by IAS Threat Lab in early 2024, the operation was first linked to 180 apps before further analysis revealed its full scale.

Researchers found that these malicious apps disguised themselves as legitimate tools while secretly flooding users with intrusive ads, stealing…