com.quvideo.xiaoying

VivaVideo is a top-rated video editing app for Android devices that has been caught initiating premium subscription attempts, delivering invisible ads to users while avoiding detection by users. Since early 2019, Secure-D detected and blocked over 20 million suspicious mobile transactions, originating from the VivaVideo Android app.

Read More →

triada

Secure-D, has blocked millions of suspicious subscription requests coming from low-end devices made by Transsion, a Chinese manufacturer of affordable smartphones for the African market. Triggered by another malware that was found on the phones, Secure-D researchers exposed how the Triada/xHelper duo facilitated mobile ad fraud.

Read More →

com.aitype.android

An Android keyboard app, ai.type, has been delivering millions of invisible ads and non-human clicks. While these ads are never seen by the users and do not appear on screen, genuine user data about real views, clicks and purchases are reported to ad networks.

Read More →

com.snaptube.premium

Secure-D uncovers non-human clicks and subscriptions originating from the popular Snaptube Android app.The Snaptube app features the same piece of developer software code, Mango SDK, that was at the center of the Vidmate expose earlier this year – when another popular video app from a Chinese developer was found to be committing mass scale advertising and subscription fraud.

Read More →

com.forshared

A top-rated Android app for file sharing and storage, 4shared, hides suspicious background activity. 4shared has been delivering bogus ads to user devices that generate fake views, clicks and purchases; then reports falsified engagement metrics back to advertising networks. The ads are never seen by users and don’t actually appear on screen.

Read More →

com.nemo.vidmate

A popular Android application for video downloading, VidMate, with over 500m downloads triggers suspicious background activity. A hidden component within the app delivers invisible ads, generates fake clicks and purchases, installs other suspicious apps without consent and collects personal users’ information. Consequently, it depletes users’ data allowance and brings unwanted charges.

Read More →

com.tct.weather

Com.tct.weather is an advanced malware designed to siphon a lot of data and attempt fraudulent transactions. Malware has been found pre-installed on Alcatel Android devices manufactured by TCL Corporation, a Chinese tech firm known for making the Alcatel and Blackberry devices.

Read More →

com.rock.gota

Com.rock.gota is a powerful malware that wreaks havoc in developing countries.This type of malware comes pre-installed on low-end smartphones and incorporated into Android apps, being primarily designed to display download software, adverts and to collect confidential information.

Read More →