Investigation results in banning of six fraudulent (yet popular) Android apps from the...

mongeese

Posts: 643   +123
In brief: An investigation conducted by Buzzfeed in collaboration with Check Point, Method Media Intelligence and ESET security firms found that six apps published by DU Global were clicking on in-app ads to generate revenue illegally and without the user’s knowledge. They also lied about their developer and country of origin, don’t comply with GDPR regulation and ask for many dangerous permissions that are completely unnecessary to function. Combined, they have over 90 million downloads.

Most third-party apps rely on little banner ads that sit at the bottom of an app, while others sometimes have five-second full-screen ads. Generally, these ads are provided by Google or third party’s ad services, which pays them a small amount for displaying the ad and a larger amount when a user clicks on the ad. All six of the apps found in the investigation would periodically click on the ads and open them in the background, whether the app was open or not, using up system resources, battery life, and data.

Needless to say, if you’ve downloaded any of them: Selfie Camera, Total Cleaner, Smart Cooler, RAM Master, AIO Flashlight and Omni Cleaner – delete them now. Thankfully Google removed them from the Play Store as soon as they were alerted.

Security researchers dived in deep into Selfie Camera, which has over 50 million downloads. In addition to the ad fraud, they found that the app also committed ‘download fraud’ where the app monitored the other apps on the phone. When a new app was downloaded, Selfie Camera uploaded information about the app and claimed that they caused it to be downloaded, tricking developers into paying them. It also contains code designed to monitor battery, monitor the CPU and to view external websites.

“We explicitly prohibit ad fraud and service abuse on Google Play. Developers are required to disclose the collection of personal data, and only use permissions that are needed to deliver the features within the app,” Google told Buzzfeed. “If an app violates our policies, we take action that can include banning a developer from being able to publish on Play.”

“It’s not something you can say is in the gray area — it's a clear-cut fraudulent activity.”

- Aviran Hazum, response team leader for Check Point, an ad fraud research firm.

In addition to those six major offenders, Buzzfeed also noticed some ugly behavior in three other apps. Emoji Flashlight, with 5 million downloads, requests thirty permissions including seven dangerous ones (as defined by Google). Other flashlight apps require just two. Samsung TV Remote Control, which is developed by Peel Technologies, requests 58 permissions including 23 dangerous ones. Its privacy policy also explicitly states that they may record and upload audio at any given time without notifying the user. Lastly, Chinese-language kid’s app WaWaYaYa sends emails, usernames, real names and device information back to servers in China with no form of encryption and security.

Dangerous and fraudulent apps are a shockingly widespread problem, and just because an app appears in the Play Store or App Store doesn’t mean it can be trusted. To check if an app is trustworthy, read a couple of reviews, read the privacy policy, and see if it’s from a developer you recognize or comes up in a Google search. And most importantly: don’t give an app permissions it doesn’t need.

Permalink to story.

 
I have used very few apps. Yesterday I was looking at the play store. I don't need any of them. I do enjoy my pony coloring app.
 
This is why most don't need to use any third party apps. If you absolutely need one, do some research. Even then it may not even be enough since people will assume cause 50 million users use it that it's safe. Well that just got proven wrong.

I don't use most apps, other than what came with my phone. I'd say that I still don't even use like 80% of them. Don't care or need them.
 
Why just prohibit them when they should have been investigated and charged with fraud? Eliminating the app and allowing the violators to go free only encourages them to try again and again ....
But they might have gotten sent to jail. And god knows, we already have too many non violent offenders incarcerated. In fact, don't even slap them on the wrists, talk to them about their feelings. That solves everything... :rolleyes:

This message was brought to by the uber left millennial snowflake SJW coalition, an all volunteer major annoyance non profit organization.

Donate today at wow.bleedingheartimbeciles,.org
 
But they might have gotten sent to jail. And god knows, we already have too many non violent offenders incarcerated. In fact, don't even slap them on the wrists, talk to them about their feelings. That solves everything... :rolleyes:

This message was brought to by the uber left millennial snowflake SJW coalition, an all volunteer major annoyance non profit organization.

Donate today at wow.bleedingheartimbeciles,.org
Why'd you have to make things political?
 
Why'd you have to make things political?
Very simple. Because, over the past couple of days, I've listened to a bunch of TS Rookies try and pass off regurgitated liberal justice reform propaganda as their own original ideas. Which amounts to nothing more substantial than hijacked idealogical plagiarism with intent to boor people to tears, while passing themselves off as "intellectuals".

That's only a peripheral reason though.

Mostly I did it because I felt like it, and I figured a few members might get a good laugh out of it...

Then there's always the best reason of all, because I can.
 
Last edited:
Why just prohibit them when they should have been investigated and charged with fraud? Eliminating the app and allowing the violators to go free only encourages them to try again and again ....
It would have been reported to the police straight away, Police would then do their job
 
Why'd you have to make things political?
Very simple. Because, over the past couple of days, I've listened to a bunch of TS Rookies try and pass off regurgitated liberal justice reform propaganda as their own original ideas. Which amounts to nothing more substantial than hijacked idealogical plagiarism with intent to boor people to tears, while passing themselves off as "intellectuals".

That's only a peripheral reason though.

Mostly I did it because I felt like it, and I figured a few members might get a good laugh out of it...

Then there's always the best reason of all, because I can.
Bore

This post was sponsored by teh gramar natsi p0lice
 
Bore

This post was sponsored by teh gramar natsi p0lice
No surprise here. I wasn't expecting a laugh from you anyway..

How are things in the old "ceremonial monarchy nanny democracy" anyway? Have they loosened the reins a bit and let you make mix tapes from your Apple iTunes jpegs yet?? Are you allowed to have pepper spray yet?

I suppose you're another one who thinks that nice immigrant lad doesn't deserve jail time for destroying that school's computers.

Speaking of "boors", I'd like to be a bug on the wall listening to you trying to talk some sense into that fool. Oh well with him being an Indian, and you as a Britisher, he'd probably throw you out anyway. History has an ugly habit of repeating itself...:laughing:
 
Last edited:
It would have been reported to the police straight away, Police would then do their job
Well between Facebook and Google, more internal abuse or crimes likely go unreported to the police, than as did in the entire 2,000 year history of the Roman Catholic Church.

(I have obviously no way of fact checking that, so take it FWIW :rolleyes: ).
 
OH, I think I know someone who uses one or two of those, I should let them know.

Then there's always the best reason of all, because I can.
Just because you can doesn't mean you should... ( /s)

Actually nah I look forward to cranky posts keep firing away~ :)
 
The only "widespread problem" is that virtually nobody has heard of any of these fraudulent apps outside of news articles like this. Not a direct quote, take it as you will...
 
The only "widespread problem" is that virtually nobody has heard of any of these fraudulent apps outside of news articles like this. Not a direct quote, take it as you will...
Do you think Google is lying about the number of downloads which were made of these apps? More likely, they would try to minimize that number. "No press is the only bad press", merely attaches to Hollywood types, not the preeminent search engine.

IMO, our TS writers do an admirable job of reporting the news, not fabricating it.

If you feel something is amiss with the reporting, you can always apply for a space as staff writer by scooting off a PM to our fearless leader, @Julio France
 
Do you think Google is lying about the number of downloads which were made of these apps? More likely, they would try to minimize that number. "No press is the only bad press", merely attaches to Hollywood types, not the preeminent search engine.

IMO, our TS writers do an admirable job of reporting the news, not fabricating it.

If you feel something is amiss with the reporting, you can always apply for a space as staff writer by scooting off a PM to our fearless leader, @Julio France
I don't really know what the numbers are, nor do I think you guys are doing a bad job reporting these things. My only opinion is that fraudulent apps are not a widespread problem, but rather having no experience with any of these reported apps is far more prevalent.
 
I don't really know what the numbers are, nor do I think you guys are doing a bad job reporting these things. My only opinion is that fraudulent apps are not a widespread problem, but rather having no experience with any of these reported apps is far more prevalent.
If you're here at Techspot, you likely have enough savvy to avoid such treachery. In fact, our download hosting section adds cautions where necessary, ("caution tries to install whatever along with the program"), and other caveats.

Many who are not computer literate and don't post here, likely have the apps, and are oblivious to the danger they present.

Hell, some people still stay on the phone even after they hear an Indian voice telling them, "there's something wrong with your computer".

I think the views expressed on the Intel vulnerabilities, ("Spectre, Meltdown, Etc."), may be blown way out of proportion by the more maniacal members of the AMD fanbois association, as a justification for trashing all things Intel. Which incidentally coincides in principle with your opinion on this topic.

The real performance diminishing, computer damaging, and spyware threat of the present, is, (IMHO), none other than Windows 10.

And of course I'm well aware that not all agree with me on that assessment of it. :shrug:

As an example of the "lemming syndrome", with all its massive data breaches and outright thefts of personal information, hundreds of millions of people still flock to Facebook with almost total mindlessness, complete disregard for their privacy, and reckless abandon.
 
Last edited:
...and Amazon UK app store continues to function like the wild wild West of app stores!

Have you seen some of the junk on there ? , its just plain straight up dangerous ! ...anyone can make one and sell and add it to their app store.

It needs some serious auditing, seriously ! (and the CIA are worried about Huawei and the connection to the Chinese secret intelligence agency ! ) ... um hello ! ... Amazon is China, and China is Amazon ...time to audit!
 
Back