DoubleVerify’s Fraud Lab has discovered a new fraud scheme using innocent-seeming iOS gaming apps to charge advertisers for phony ad impressions on mobile devices.
Dubbed SkyWalk, the scheme is operated by independent cybercriminals using a shared framework called UniSkyWalking and is sophisticated, coordinated and difficult to detect.
DoubleVerify’s researchers discovered it after noticing a number of apps with abnormally high impression rates and unreasonable click behaviour.
How it works
SkyWalk fraudsters have embedded secret web browsers inside various iOS gaming apps available on the App Store, which appear legitimate and playable.
The scheme involves dozens of fraudulent apps concealing more than 80 fake gaming websites that generate millions of manipulated ad impressions.
It employs hidden browser technology to render its websites completely invisible to users and uses touch hijacking to generate premium ad formats, with profits shared among multiple fraud participants.
AI-generated content makes the websites appear legitimate during audits, despite receiving no organic traffic, and the scheme misrepresents mobile app traffic as website traffic to evade Open Measurement SDK, which monitors in-app ads but not browser-based ads.
Advice for marketers
SkyWalk impacts marketers by wasting ad spend while delivering no brand awareness. It inflates performance metrics, which can skew campaign optimisation efforts.
Marketers are being urged to seek out advanced fraud detection from verification providers with the technical expertise to perform sophisticated analysis. Continuous monitoring is also critical, as fraud networks evolve and new schemes emerge.
DoubleVerify has reported a surge in AI-powered ad fraud this year, with the average volume of iOS apps during the first three quarters of 2025 over three times that of the previous five years.