125 Android apps have been caught up in an Android ad fraud scheme that possibly stole hundreds of millions of dollars worth of ad dollars, according to a BuzzFeed News investigation by Craig Silverman. A fraud detection firm, Pixalate, first caught on to the plot in June.

What happened: People sold their legitimate apps to a company called We Purchase Apps, but were quickly transferred to shell companies and the human users on the legitimate apps had their behavior tracked unwittingly. Fraudsters then programmed that information to create a bot network that would be used to generate fake traffic that effectively stole ad dollars from advertisers.

Impact: This means millions of Android users who downloaded these apps, some of which were targeted at children, had their app use tracked.

The tech: Because the bot networks mimicked human behaviors, they bypassed fraud detection programs.

The big picture: This highlights the potential downfalls in the digital advertising world; brands can be duped out of sizable sums of money, and fraud detection schemes may need to become more sophisticated to try preventing massive fraud plots like this in the future. It further raises questions about how rigorously and frequently app stores review their apps and developers — Apple has also been under fire for an app that covertly transferred data to China.

Go deeper: Read the full BuzzFeed News investigation