Popular Android app uncovered as suspicious
Upstream, a mobile technology company, reports that high-ranking Android application 4shared with over 100 million downloads was found to trigger suspicious background activity.
Source: pixabay.com
The app delivers invisible ads to the device, generates fake clicks and carries out purchases of premium digital services, while reporting real views, clicks and purchases to the ad networks.
Over a recent period, Upstream’s security platform, Secure-D, detected and blocked more than 114 million suspicious mobile transactions initiated by 4shared. These transactions originated from 2 million unique mobile devices across 17 countries.
If not blocked, they would have subscribed users to premium digital services potentially costing them up to $150m in unwanted charges. Most of the suspicious activity, which is still ongoing, was mostly centred in Brazil while other top affected markets include Indonesia and Malaysia.
Guy Krief, CEO of Upstream, commented “The growing sophistication of disguised malware in the form of seemingly benign and quite often very popular applications together with the scale of the issue can no longer be ignored. No entity in the mobile ecosystem remains unaffected. From app developers, ad networks and publishers, to advertisers malware is putting a dent in both their credibility and earnings. Mobile operators, more often than not, are taking the blame while consumers not only remain widely unprotected and unwarned but are called to foot the bill. Mobile ad fraud, a $ 40 billion industry, will reign unchallenged unless increased mobile security rises up in the industry’s priority list”.
4shared is a popular and highly-ranked Android application that allows users to store and share video and audio files. The app generated over 100 million downloads from Google Play and ranked second in its category in Austria, 7th in Italy, and 10th in Switzerland.
In April 2019, it was abruptly removed from Google Play, then replaced the following day. The new version has been submitted as an entirely new app – not a version update – keeping the original 4shared icon.
As of 21 June 2019, there have been more than 5 million installs of the ‘new’ 4shared on Google Play, free from the code responsible for the suspicious activity, unlike the more than 100 million previous app users that remained affected. 4shared is reportedly developed by Ukrainian firm, New IT Solutions Ltd.