Google's battle against malicious apps in its Play Store is an ongoing struggle as miscreants find new ways to enter the largest smartphone app marketplace. As and when apps portray suspicious behaviour, Google removes them from Play Store, either on its own or when informed by a third-party. But the risk is not fully averted after Google's action and here's a case proving the same.
Upstream Secure-D mobile security platform discovered that a popular Android keyboard app, ai.type, which was downloaded more than 40 million times before it was removed from Play Store in June, continues to pose a threat to millions of users. According to the report, ai.type is still in use on millions of Android devices and can easily be downloaded from third-party marketplaces.
Ai.type is a free app and like other free apps, makes an easy attraction for users. But there's a higher price to pay for those who continue using the app. The customizable on-screen keyboard app, which is described as free Emoji keyboard is delivering millions of invisible ads, generating fake traffic and subscribing users to premium services.
"Ai.type contains software development kits (SDKs) with hardcoded links to ads and subscribes users to premium services without their consent. These SDKs navigate to the ads via a series of redirections and automatically perform clicks to trigger the subscriptions. This is committed in the background so that normal users will not realize it is taking place," Dimitris Maniatis, head of Secure-D at Upstream, explained.
Users end up losing money through these hidden, unauthorised purchases in addition to the data consumption that happens in the background. The app's SDKs prevent it from being detected even using sophisticated analysis techniques, which is why users must be aware of such malicious apps.
According to the report, Upstream was able to prevent several transaction requests from the app, which could have cost users up to $18 million in unwanted charges. The suspicious activity from ai.type spiked significantly for two months soon after it was removed from Play Store in June.
What should users do?
If you've ever used or continue to use ai.type keyboard app, it is important to go through all the apps on the phone. It is possible that app may not appear in your home screen, so go to settings and then manually swift through all the apps installed on the phone. If you find any suspicious app, uninstall it.
Users, at any cost, avoid downloading apps from third-party sources. Always practice vetting of developers before installing a new app, read reviews and most importantly ask yourself if you really need the app.