Facebook this month filed lawsuits against 2 app developers, LionMobi, based in Hong Kong, and JediMobi, based in Singapore. According to Facebook, LionMobi and JediMobi generated unearned payouts from Facebook for misrepresenting that a real person had clicked on the ads. The ads were part of Facebook’s Audience Network.
Facebook’s lawsuit is one of the first of its kind against this practice. Here the lawsuit against JediMobi.
Facebook said the developers made apps available on the Google Play store to infect their users’ phones with malware. The malware created fake user clicks on Facebook ads that appeared on the users’ phones, giving the impression that the users had clicked on the ads. This made Facebook advertisers to pay for fraudulent clicks and ad impressions.
LionMobi and JediMobi have been banned from Facebook’s Audience Network and their accounts have been disabled. All impacted advertisers were refunded by Facebook in March 2019.
Here what the introduction of the lawsuit says:
In 2018, Defendants JediMobi Tech Pte. Ltd. and LionMobi Holding, Ltd. were application developers that deceived their users (“the app users”) into installing fraudulent and malicious apps from the Google Play store. Unbeknownst to the app users, Defendants delivered and installed malicious code (“malware”) onto the app users’ mobile devices through the apps. Defendants designed the malware to create the false impression that the app user clicked on advertisements delivered to the user’s device, a practice known as “click injection fraud.” Defendants specifically targeted ads serviced by social media companies, including Facebook and Google. As a result of their scheme, Defendants generated advertising revenue for themselves. Facebook identified Defendants and their scheme through an investigation of malicious apps and disabled Defendants’ known Facebook and advertising accounts in 2018. Facebook seeks injunctive and other equitable relief and damages against Defendants.
Here the facts described in the lawsuit by Facebook:
In 2018, Defendants jointly engaged in a click injection fraud scheme targeting Facebook and Google. Defendants’ scheme proceeded as follows: First, Defendants developed fraudulent mobile apps for the Google Play store, which purported to be utility apps. Defendants falsely marketed their apps on the Google Play store, as calculator or cleaner apps for mobile devices. In fact, Defendants knew that the apps delivered malware, which the users unknowingly installed on their devices. At times, the malware was delivered in the form of “updates” to the apps and, after October 2018, the malware was included directly in the apps. Second, Defendants registered their apps with Facebook’s Audience Network and Google’s AdMob in order to deliver ads purchased by advertisers through Facebook and Google. Defendants also advertised at least one of their fraudulent apps on Facebook, in violation of Facebook TOS and Policies, in order to entice Facebook users into visiting the Google Play store and installing the app. Third, after Defendants’ malware was installed on their app users’ mobile devices, Defendants monitored advertising activity from Facebook and Google and injected fake user clicks. These fake clicks generated advertising revenue for Defendants.