If we asked Android users with more experience about the worst application development company Surely one name would stand out above the rest: Cheetah Mobile. This Chinese developer has earned her bad reputation freehand based on ruin applications and to create all kinds of apps empty of use and full of advertising. But it wasn't all: now she has been caught committing a very serious advertising fraud.
Cheetah Mobile, or how to get everyone to shake every time you buy an application
If Cheetah Mobile is known for something in the Android world, it is for its ability to transform successful applications into a complete disaster.
Surely you know that apps from Cheetah Mobile Not only do they include nuncios, they also abuse the permissions asking for tasks that make no sense given the functions of the specific application. Thus, a simple keyboard has access, literally, to the other applications, to the phone, to all accounts, identity … And with this huge number of permissions in their applications Cheetah Mobile was profitable by inserting ads in other apps.
Cheetah Mobile applications take advantage of other applications to profit improperly
The immense advertising fraud discovered by Kochava and BuzzFeed News uncovers with absolute clarity the null scruples of the mobile application company Cheetah Mobile. With apps that exceed one billion downloads, such as Clean Master, we can glimpse the gigantic reach of an unprecedented scam in mobile app stores.
The master plan of Cheetah Mobile To increase its advertising revenue, it abused the permissions granted by the user to its applications (what a surprise) to monitor the other installed apps by placing ads on their interfaces in order to obtain clicks as if they were from their own applications. Seven Cheetah Mobile apps were caught with this methodology: Clean Master, Security Master, CM Launcher 3D, Battery Doctor, Cheetah Keyboard, CM Locker and CM File Manager. Another application discovered in identical fraud was KIKA Keyboard, with more than 100 million downloads.
The way of acting of these applications is as follows:
- The user downloads a Cheetah Mobile application on their mobile without looking at the permissions. It literally gives you access to your entire phone.
- The Cheetah Mobile application, once installed, monitors the other installations made by the user.
- When an external application is detected, Cheetah Mobile identifies its advertising providers.
- Once detected the way in which the external application serves and sends the information of the ads in its interface Cheetah Mobile makes sure to charge the advertising benefits for the installation.
- Google has clarified that Facility monitoring can also be done for legitimate reasons. According to Google, they have no evidence that the behavior of the applications detected was inappropriate.
- Cheetah Mobile earns advertising revenue from all user apps even if they have not served any ads: the scammer is responsible for the advertisers reflect that it was their apps that captured the click.
This way of acting not only puts the privacy of the user at risk (privacy that you lose completely once you install any Cheetah Mobile app), it also represents a huge fraud for advertisers. Invalid advertising traffic, which includes «Automatic click tools or traffic sources, robots or other deceptive software«, Is against the policies of AdMob.
The tremendous popularity of Cheetah's applications makes it difficult to eject Google Play
That applications with billions of users commit advertising fraud is not only serious for advertisers, it also involves losses of privacy and security such that Google should definitely expel Cheetah Mobile and KIKA from the Play Store making sure they can't come back under another developer name. The problem is: Google will risk doing so taking into account the gigantic volume of users who own their apps?
Google has shared with us some clarifications that we have included in the article. He also told us: «We have reviewed the behavior highlighted by this note and we are investigating further with the developers«.
The developer has published a press release in which it denies committing fraud and specifies that it cannot control how other applications use its ad SDK within its programs.