Eight apps at the center of a scam against Android users: a million dollar fraud that casts a shadow once again on the Google Play Store.
It’s not a happy time for Android users: the OS developed by Google for mobile devices is once again at the center of the storm, which sees 8 Chinese apps accused of fraud in the eye of the storm.
Having recently hosted 13 applications that installed viruses and malware when downloaded, it is now Cheetah Mobile and Kika Tech. The two software houses are accused of having spied on the behavior of millions of users and then cheating advertisers with staggering figures.
A real fraud, to the detriment of users but not only, that sees the Google Play Store again as the ideal home for potential frauds and illegal behavior by cyber criminals (or not). Let’s see together what happened.
Android scam: the eight app under accusation
The eight applications ended up in the crosshairs of the analytical company Kochava, which denounced the offenses to Google, would have had a huge pool of users to draw from: in fact, about two billion downloads are calculated.
An exaggerated and really impressive number, which overwhelms the usual malware that Android users are often used to. The applications in question are Clean Master, Security Master, CM 3D Launcher, Battery Doctro, Cheetah Keyboard, CM Locker, CM File Manager, Kika Keyboard and CM Launcher 3D.
The scam implemented by the following applications on Android foresaw the fraudulent exploitation of in-app advertising: the software was programmed to use a very common mechanism in mobile advertising, or the payment by the possible investors of a sum due to those who could get installed the eventual app or sponsored program (object of the banner or of the shift window).
We talk about sums ranging from 50 cents to three dollars, depending on the investor, for each download made through advertising: Cheetah Mobile and Kika Tech would have bypassed this system, spying on subsequent downloads on the user’s Play Store and making believe to the developers, who had requested advertising in the eight applications under accusation, that the downloaded apps were those advertised.
In this way, the two Chinese companies would have falsified the numbers corresponding to the cash rewards, generating a million dollar scam mechanism to the detriment of both the (confined) investors and the (spied) users.
Users who downloaded the eight apps would then receive in return also reduced performance in terms of software and autonomy, put in check by a constantly active tracking system.
Google has officially begun the investigation even if for the moment the two companies declare themselves innocent and reject the accusation.
The irony wants the center once again the great G that, despite the efforts, seems to suffer from a stable security control on Android.