I think, you have repeatedly been able to read about the exposure of the next malicious scheme on Android, the source of the distribution of which has become some famous application from Google Play. Only over the past year, I can count at least three such cases, although not very actively follow this topic. It just remember that some kind of well-known program with tens of millions of downloads suddenly turned out to be involved in a fraudulent campaign. Let's figure out how it turns out.
Why google is afraid that Android users will go to iOS
Practice shows that popular applications become part of a malicious campaign not so often. It is usually 1-3 cases per year, which, taking into account the range of all programs available in Google Play, is an insignificant digit. However, because of their demand, it is quite quickly recognized by almost everything.
What are the malicious applications
So what is missing developers? After all, if the project is already popular, has a platform audience, it seems that there is no point in joining an alliance with some kind of attackers to, firstly, kill a project that brings money, and, secondly, to dictate their own reputation. But it is not so.
As studies have shown, most of the applications are involved in fraudulent or malicious schemes not by the will of their creators. At least, if we talk about popular products. After all, by and large there are only two formats of participation in malicious campaigns:
- Advertising when the application does not twist advertisement;
- All other (extortion, paid subscriptions, issuing yourself for another application, etc.).
The administration of Joe Bayden "does not see the reasons" to remove sanctions with Huawei. Why?
In the first case, as a rule, advertising campaigns become the culprit. The fact is that the developers integrate a special code into their applications, which allows them to broadcast advertising offered by advertising networks. But sometimes the last chitryat and make it so that advertising broadcast does not stop.
And in the second usually the perpetrators are new owners. Few about it know, but sometimes applications developers for one reason or another sell their product to the side. If the buyer is a dishonest entrepreneur who decides to extract more benefits from his acquisition, even if then it is necessary to write off to the scrap, wait for trouble. That was how it was with many applications purchased by Chinese Cheetah Mobile.
Android Application Security
As a rule, companies that buy applications for fraudulent or other adjacent purposes are trying to make the transaction passed as quietly as possible. Therefore, no one knows about it for a long time, although the actual owner has already changed and has already managed to make changes to the user agreement (or not, but it does not matter).
If the buyer turns out to be unfair, then it is not necessary to expect that he will announce the purchase of an application to break the connection with the previous owner and do not spoil his image with its decisions. So usually no one does. Buyers, on the contrary, it is beneficial for everyone to think that the application still contains the source owner who trust users. Accordingly, they do not expect the software to which they are accustomed, begins to create some trash, extorting their data or signing paid mailing.
Why Google's own applications for iOS is better than for Android
Is it possible to deal with such schemes? In principle, possibly. After all, Google, which registers developers in Google Play, can not fail to know that the application has changed the owner or that old has moved under the wing of another, larger market player. In the end, the search giant collects a lot of data on developers published in its directory. Therefore, the company should start notifying users that their application has changed the owner and potentially you can expect changes to the rules of use. But Google itself is not very profitable, because from each transaction, even a dishonest, the search giant receives its percentage, and hence, hack bitch, on which you sit, meaningless.