Contributed by: ElyseRomano Wednesday, March 04 2020 @ 02:50 pm
Grindr’s 2020 is off to a difficult start. In just a few short weeks, Grindr was accused of violating the EU’s GDPR (General Data Protection Regulation) data protection legislation by the Norwegian Consumer Council, found itself the subject of three complaints filed with the Norwegian Data Protection Authority, and was suspended from Twitter’s ad platform as a result. The popular gay dating app is also under investigation by the U.S. House Oversight and Reform subcommittee for doing an inadequate job of screening minors.
Adding to Grindr’s growing list of concerns is new research showing that the company’s Android application was exploited to defraud advertisers. According to a report[*1] from Pixalate, the Palo Alto-based fraud detection firm that discovered the scam, the app was used to facilitate a cross-device ad fraud scheme that tricked advertisers into thinking they were purchasing ads on Roku-connected devices. Pixalate named the scheme “DiCaprio” after discovering the A-list Hollywood name used in a file containing some of the malicious code.
DiCaprio was a type of fraud called “spoofing.” Here’s how it worked: an advertiser would purchase a normal banner ad on Grindr’s Android app. The scammers would then add code that disguised the Grindr banner ad to look like a Roku video ad slot, and the fake ad space was offered for sale on online marketplaces where digital ads are bought and sold. Advertisers bid on the fake Roku inventory thinking they were paying to reach real Roku users. Instead, the scammers simply pocketed the funds. Apps affected by DiCaprio include Crackle, PBS, CBS News, FOX, Lifetime and Newsy.
In addition to cheating advertisers out of money, Pixalate’s investigators also believe that the false ads drained the phone batteries and taxed the data plans of Grindr’s users.
Amin Bandeali, CTO of Pixalate, told BuzzFeed News[*2] Grindr was likely targeted because it has a large user base.
“If I’m a fraudster, I would love to target an app that has a lot of user engagement. These dating apps — users are on them constantly,” he told BuzzFeed News.
Grindr has so far denied any knowledge of the ad scheme. “Grindr is committed to creating a safe and secure environment to help our community connect and thrive,” a spokesperson said in a statement. “Any fraudulent activity is a clear violation of our and conditions and something we take very seriously.”
Grindr says it is taking steps to address the problem and is working to implement new strategies to protect both advertisers and users.