Report by mobile tech company Upstream has revealed top apps that were used to scam users of their money last years
Tech company Upstream revealed the massive scale of fraud in mobile. Its Secure-D anti-fraud platform has identified nearly 98,000 malicious apps in operation in 2019 across the 20 countries where the platform is deployed.
The numbers went up by 55% compared to 2018 (63,000 malicious apps).
"[Mobile fraud] greatly affects the whole mobile ecosystem. Most importantly it adversely impacts consumers; eating up their data allowance, bringing unwanted charges, messing with the performance of their device, and even targeting and collecting their personal data. It is more than an invisible threat, it is an epidemic (...). Left unchecked, ad fraud will choke mobile advertising, erode trust in operators and lead to higher tariffs for users," says Dimitris Maniatis, CEO of Upstream commented.
Upstream named top 5 apps used for fraud in 2019:
1
Ai.type: emojis with invisible trick
Info
Downloads 40 million
Developer ai.type LTD.
Availability on Google Play Available
Suspicious transactions blocked 14 million
Fraudulent charges prevented $18 million
Ai.type was a popular emoji keyboard app for Android able to learn user's most common phrases and speed up the typing by offering suggestions. Except the app developed in Israel was found to be delivering millions of invisible ads and non-human clicks. In July 2019 the app was removed from Google Play, and that's when the suspicious activity peaked.
2
Snaptube: oh, snap
Info
Downloads 40 million
Developer Mobiuspace
Availability on Google Play Third-party app stores only
Suspicious transactions blocked 70 million
Fraudulent charges prevented $91 million
Snaptube is a service allowing its users to download video/music from popular websites and social networks. A great idea, it might seem, but the app was also performing a number of suspicious actions, showing invisible ads, generating non-human clicks and purchases. Then the app reported them to the advertising networks as real clicks and views.
3
4shared: sharing a bit too much
Info
Downloads 100 million
Developer New IT Solutions Ltd.
Availability on Google Play Removed April 2019 replaced the next day
Suspicious transactions blocked 114 million
Fraudulent charges prevented $150 million
4shared is a desktop app for sharing and storing files. It was available since 2011 and had many positive reviews - even from Microsoft Store. However, Secure-D found that 4shared hides suspicious background activity: generates fake views, clicks and purchases. 4shared was used to fake user engagement metrics and take money from advertising networks.
4
VidMate: not really your mate
Info
Downloads 500 million
Developer UC Web
Availability on Google Play Third-party app stores only
Suspicious transactions blocked 128 million
Fraudulent charges prevented $170 million
Another app allowing users to download videos from YouTube and Vimeo. Except this one comes with hidden component generating invisible ads, fake clicks and even installing other suspicious apps without user's consent.
5
Com.tct.weather: the weather is not fine today
Info
Downloads 10 million
Developer TCL Corporation
Availability on Google Play Available
Suspicious transactions blocked 27 million
Fraudulent charges prevented $1.5 million
Com.tct.weather is a weather forecast app with built-in malware designed to attempt fraudulent transactions.
"Losses from online, mobile, and in-app advertising reached $42 billion in 2019 and are expected to reach $100 billion by 2023, according to Juniper research published last May. Considering that fraudsters operate at scale and can simultaneously target millions, tens of millions, or even hundreds of millions of devices in one hit, the means to stop them in their tracks need to likewise operate at scale," Maniatis says.