Photo Credit: BuzzFeed News
Google has removed a host of popular apps, some of them from Chinese developer DU Groups, after the apps were found to indulge in ad fraud. These apps used to draw ad clicks even when they weren't running in the background draining battery and consuming data. DU groups reportedly took a lot of effort to conceal its ties with these fraud apps. The list of six apps includes a Selfie Camera app that had more than 50 million downloads.
BuzzFeed News reports that the fraudulent DU Group apps were identified after a list of nearly 5,000 popular apps was gathered from Google Play, and their information like developer name and number of installs was collated. These apps were then sifted through and the potentially dangerous ones were handed over to researchers and security firms for analysis.
It was later found that these apps ask for unnecessary permissions and commit ad frauds using these extra permissions. In the analysis process, it was also found that six apps that indulge in unethical practices are from DU Group, and these apps in total have over 90 million downloads. For those unaware, DU Group is a Chinese app developing company that was spun off from mega search giant Baidu and claims to have 1 billion users worldwide.
In its research, cyber-security company Check Point discovered that the popular Selfie Camera app - which has been installed more than 50 million times - contains code that allows users to automatically click on advertisements without the user's knowledge or consent. These ads were served by Google's AdMob and Twitter's MoPub platforms.
The six apps from DU Groups - Omni Cleaner, RAM Master, Smart Cooler, Total Cleaner and AIO Flashlight, and Selfie Camera - hid their affiliations with the organisation and also didn't disclose the fact that they were sending back data to China. They were all listed by a fake developer name Pic Tools Group. Google confirmed to the publication that it removed six DU apps from Google Play, but hasn't detailed on how it will address the Play Store policy abuse issue at large. Another notable app in the list was Samsung TV Remote Control, developed by US-based Peel Technologies, which asked for 58 permissions of which 23 were found to be in the dangerous category. The app is said to be part of a family of TV remote control apps from the company, all covered by a single privacy policy that says "the app collects detailed information about the 'content you consume (validated by audio content recognition).' This suggests the app accesses the microphone to record audio while you use it. It also collects information on your location, IP address, device, and behaviour when you use the app," the report added
Responding to the report, Peel said its apps do not perform audio content recognition, though the report notes Peel "did not respond to a follow-up question about why that feature is cited in its privacy policy. It also said it only shares 'Non-Personally Identifiable Location data for a fraction of our users' with third parties."
This new discovery raises pertinent questions like how developers manage to exploit Play Store policies, easily conceal who they are from users, offer apps with invasive permissions, and use these permissions to commit ad fraud. Google needs to put into place more stringent policies for developers, plastering all of these plausible loopholes.
For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.