A security company has discovered that a well-known Android video downloading software is causing its users to make illicit premium purchases and phony ad clicks.
The Chinese developer of the software claims Google will not permit video downloader apps on the store, hence the app is not available on Google Play. The app’s creator claims that using it is “safe.” simply snaptube para pc
The free software ultimately costs users money, according to experts from the London-based security firm Upstream, who shared their results exclusively with TechCrunch.
According to Guy Krief, CEO of Upstream, customers are secretly fed invisible adverts without their awareness, generating ad money for the app developer at the price of draining their mobile bandwidth and battery life. The program also used the same background click method to bill users for premium purchases they never authorized.
According to Krief, the only signs that a user’s smartphone may be utilized in this way are an increase in mobile data consumption, a rise in device temperature, and a faster-than-normal battery drain.
The business attributed the problem to Mango, a third-party SDK code that was incorporated into Snaptube’s app. Mango was also utilized by 4shared, a cloud storage application, and Vidmate, a comparable video downloading program that has also been charged with engaging in ad fraud.
Uptream claims that in order to carry out this fraudulent ad activity, this third-party code kit downloads additional components from a central server and employs chains of redirection and obfuscation to conceal its activities.
Mango is very cunning, according to Krief. After it was discovered that Vidmate’s app was engaging in similar dubious activities, his business noticed a sharp decline in Snaptube’s dubious activity within a few hours. He remarked over the phone, “Our thinking back then was that they’re probably also employing identical code and they stayed silent because of all the exposure.
The strange behaviour in Snaptube’s app reappeared two months later.
A graph demonstrating how suspicious activity on Snaptube decreased after the Vidmate article was published (Image: Upstream).
According to Krief, it is “quite frequent” to observe applications involved in ad fraud cycling through periods of high activity and then periods of inactivity.
According to statistics from its in-house security platform, Upstream said that over 70 million suspicious transactions coming from four million devices had recently been banned. If those clicks had not been stopped, the business said that users may have been hit with unauthorized premium payments totaling tens of millions of dollars.
“We didn’t understand the Mango SDK was engaging in advertising fraud operations, which led us significant damage in brand reputation,” claimed Snaptube in a statement.
“We promptly replied and stopped all cooperations with them when the user complained about the nefarious conduct of the Mango SDK,” a spokeswoman added. The versions on our official website and in our regularly updated distribution channels are already free of this problem.
Snaptube declared that it was “considering” suing the Mango developers.
Snaptube has previously been discovered participating in possibly fraudulent conduct. Security company Sophos discovered the app engaged in similar fraudulent activity in February. The software generated and reported bogus ad clicks and racked up fees for the user. In response to concerns that Android users were receiving warnings that the app contained dubious third-party code later in the year, Snaptube stated that it will “stop” using the code “as soon as feasible.”
August is when that pledge was made. The code is still there in the application three months later.
The Chinese developer of the software claims Google will not permit video downloader apps on the store, hence the app is not available on Google Play. The app’s creator claims that using it is “safe.”
After it was discovered that Vidmate’s app was engaging in similar dubious activities, his business noticed a sharp decline in Snaptube’s dubious activity within a few hours. Security company Sophos discovered the app engaged in similar fraudulent activity in February. The software generated and reported bogus ad clicks and racked up fees for the user. In response to concerns that Android users were receiving warnings that the app contained dubious third-party code later in the year, Snaptube stated that it will “stop” using the code “as soon as feasible.”