Upstream researchers are warning the public about the popular video app called “Snaptube” by Mobiuspace. Reportedly, the app is engaging in millions of suspicious transactions without showing any sign of it to the user. Upon deeper analysis, the researchers have found Mango SDK, the same piece of code that rendered the Vidmate app a hijacker back in May. Back then, it was Upstream who discovered the issue again, with the app downloading hidden ads, clicking on them, collecting user data, and even downloading more adware. This time, however, the app that we’re dealing with a much more popular one, having an estimated 40 million users.
As the researchers investigated further, they figured that the developer of Snaptube could be the same who released Vidmate, as the two apps use a similar traffic pattern, similar URLs, and similar domains. The threat detection platform of Upstream, Secure-D, caught and blocked about 70 million potentially fraudulent transactions in 4.4 million devices that are all attributed to the Snaptube app. This number corresponds to about $90 million in fraudulent charges, as the app was trying to subscribe to its users to premium digital services.
As Guy Krief, the CEO of Upstream, commented the following after they conducted lab tests on the app: “Under test conditions we found not just background advertising click fraud, but also countless examples of users being signed up for premium digital services or subscriptions even when the phone is not in use. No notifications appear on the screen whatsoever, and the user has absolutely zero control. It is also notable that the suspicious activity from Snaptube ceased soon after the publication of a media report about the Vidmate compromise.”
At the time of writing this, neither Snaptube nor Vidmate are available on the Google Play Store, so if you installed either of these apps previously, you should uninstall them now. Remember, the app’s functionality may be the one you expected, but there’s a lot more going on in the background that can result in charges that will burden you. Mobiuspace has two apps on the Play Store right now, both of which being game collection apps, offering three thousand games inside a single app. Judging by the user review score of “3.4”, we’d recommend that you stay away from these too, as it is very likely that they are following the same adware click-frauding approach.
Can you report anything similar to this app that’s on the Play Store right now? Let us know of the details in the comments section down below, or on our socials, on Facebook and Twitter.