{"id":7482,"date":"2019-07-20T14:22:00","date_gmt":"2019-07-20T07:22:00","guid":{"rendered":"https:\/\/news.adeptasiaconsulting.com\/?p=7482"},"modified":"2019-05-09T15:30:59","modified_gmt":"2019-05-09T08:30:59","slug":"google-warns-app-developers-of-three-malicious-sdks-being-used-for-ad-fraud-2","status":"publish","type":"post","link":"https:\/\/news.adeptasiaconsulting.com\/google-warns-app-developers-of-three-malicious-sdks-being-used-for-ad-fraud-2\/","title":{"rendered":"Google warns app developers of three malicious SDKs being used for ad fraud"},"content":{"rendered":"<div class=\"article-content\">\n<p id=\"speakable-summary\">A few days ago, Google removed popular&nbsp;Cheetah Mobile and Kika Tech apps from its Play Store following a <a href=\"https:\/\/www.buzzfeednews.com\/article\/craigsilverman\/android-apps-cheetah-mobile-kika-kochava-ad-fraud\">BuzzFeed investigation<\/a>, which discovered the apps were engaging in ad fraud. Today, as a result of Google\u2019s ongoing investigation into the situation, it has discovered three malicious ad network SDKs that were being used to conduct ad fraud in these apps. The company is now emailing developers who have these SDKs installed in their apps and demanding their removal. Otherwise, the developers\u2019 apps will be pulled from Google Play, as well.<\/p>\n<p>To be clear, the developers with the SDKs (software development kits)&nbsp;installed aren\u2019t necessarily aware of the SDKs\u2019 malicious nature. In fact, most are likely not, Google says.<\/p>\n<p>Google shared this news in <a href=\"https:\/\/security.googleblog.com\/2018\/12\/tackling-ads-abuse-in-apps-and-sdks.html\">a blog post today<\/a>, but it didn\u2019t name the SDKs that were involved in the ad fraud scheme.<\/p>\n<p>TechCrunch has learned the ad network SDKs in question are&nbsp;AltaMob, BatMobi and YeahMobi.<\/p>\n<p>Google didn\u2019t share the scale to which these SDKs are being used in Android apps, but based on Google\u2019s blog post, it appears to be taking this situation seriously \u2014 which points to the potential scale of this abuse.<\/p>\n<p>\u201cIf an app violates our Google Play Developer policies, we take action,\u201d wrote Dave Kleidermacher, VP, Head of Security &amp; Privacy, Android &amp; Play, in the post. \u201cThat\u2019s why we began our own independent investigation after we received reports of apps on Google Play accused of conducting app install attribution abuse by falsely claiming credit for newly installed apps to collect the download bounty from that app\u2019s developer,\u201d he said.<\/p>\n<p>The developers will have a short grace period to remove the SDKs from their apps.<\/p>\n<p>The <a href=\"https:\/\/www.buzzfeednews.com\/article\/craigsilverman\/android-apps-cheetah-mobile-kika-kochava-ad-fraud\">original BuzzFeed report found that eight apps<\/a> with a total of 2 billion downloads from Cheetah Mobile and Kika Tech had been exploiting user permissions as part of an ad fraud scheme, according to research from app analytics and research firm Kochava, which was shared with BuzzFeed.<\/p>\n<p>Following the report, Cheetah Mobile apps Battery Doctor and CM Launcher were removed by Cheetah itself. The company additionally issued a <a href=\"https:\/\/finance.yahoo.com\/news\/file-manager-app-contributed-0-142000662.html\">press release<\/a>&nbsp;aimed at reassuring investors that the removal of CM File Manager wouldn\u2019t impact its revenue. It also said it was in discussions with Google to resolve the issues.<\/p>\n<p>As of today, Google\u2019s investigation into these apps is not fully resolved.<\/p>\n<p>But<a href=\"https:\/\/www.buzzfeednews.com\/article\/craigsilverman\/google-removes-cheetah-kika-apps\"> it pulled two apps from Google Play on Monday<\/a>:&nbsp;Cheetah Mobile\u2019s&nbsp;File Manager and the Kika Keyboard. The apps, the report had said, contained code that was used for ad fraud \u2014 specifically, ad fraud techniques known as click injection and click flooding.<\/p>\n<p>The apps were engaging in app install attribution abuse, which refers to a means of falsely claiming credit for a newly installed app in order to collect the download bounty from the app developer. The three SDKs that Google is now banishing were found to be falsely crediting app installs by creating false clicks.<\/p>\n<p>Combined, the two companies had hundreds of millions of active users, and the two apps that were removed had a combined 250 million installs.<\/p>\n<p>In addition to removing the two apps from Google Play, Google also kicked them out of its AdMob mobile advertising network.<\/p>\n<p>With Cheetah\u2019s voluntary removal of two apps and Google\u2019s booting of two more, a total of four of the eight apps that were conducting ad fraud are now gone from the Google Play store. When Google\u2019s investigation wraps, the other four may be removed as well.<\/p>\n<p>Even more apps could be removed in the future, too, given that Google is demanding that developers now remove the malicious SDKs. Those who fail to comply will get the boot, too.<\/p>\n<p>One resource Google Play publishers, ad attribution providers and advertisers may want to take advantage of, going forward, is the Google Play Install Referrer API. This will tell them how their apps were actually installed.<\/p>\n<p>Explains Google in its blog post:<\/p>\n<blockquote><p>Google Play has been working to minimize app install attribution fraud for several years. In 2017 Google Play made available the <a href=\"https:\/\/android-developers.googleblog.com\/2017\/11\/google-play-referrer-api-track-and.html\" target=\"_blank\" rel=\"noopener noreferrer\" data-saferedirecturl=\"https:\/\/www.google.com\/url?q=https:\/\/android-developers.googleblog.com\/2017\/11\/google-play-referrer-api-track-and.html&amp;source=gmail&amp;ust=1544288116610000&amp;usg=AFQjCNH29GNlzGISZbRJ6DtR1QwH7BwEsw\">Google Play Install Referrer API<\/a>, which allows ad attribution providers, publishers and advertisers to determine which referrer was responsible for sending the user to Google Play for a given app install. This API was specifically designed to be resistant to install attribution fraud and we strongly encourage attribution providers, advertisers and publishers to insist on this standard of proof when measuring app install ads. Users, developers, advertisers and ad networks all benefit from a transparent, fair system.<\/p><\/blockquote>\n<p>\u201cWe will continue to investigate and improve our capabilities to better detect and protect against abusive behavior and the malicious actors behind them,\u201d said&nbsp;Kleidermacher.<\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>A few days ago, Google removed popular&nbsp;Cheetah Mobile and Kika Tech apps from its Play Store following a BuzzFeed investigation, which discovered the apps were engaging in ad fraud. Today, as a result of Google\u2019s ongoing investigation into the situation, it has discovered three malicious ad network SDKs that were being used to conduct ad [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":7481,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false},"categories":[6],"tags":[3489,3404,1952,362,1776,355,3490,136,2585,3491],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v20.6 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Google warns app developers of three malicious SDKs being used for ad fraud - Adept Asia Consulting<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/news.adeptasiaconsulting.com\/google-warns-app-developers-of-three-malicious-sdks-being-used-for-ad-fraud-2\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Google warns app developers of three malicious SDKs being used for ad fraud - Adept Asia Consulting\" \/>\n<meta property=\"og:description\" content=\"A few days ago, Google removed popular&nbsp;Cheetah Mobile and Kika Tech apps from its Play Store following a BuzzFeed investigation, which discovered the apps were engaging in ad fraud. Today, as a result of Google\u2019s ongoing investigation into the situation, it has discovered three malicious ad network SDKs that were being used to conduct ad [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/news.adeptasiaconsulting.com\/google-warns-app-developers-of-three-malicious-sdks-being-used-for-ad-fraud-2\/\" \/>\n<meta property=\"og:site_name\" content=\"Adept Asia Consulting\" \/>\n<meta property=\"article:published_time\" content=\"2019-07-20T07:22:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2019-05-09T08:30:59+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/news.adeptasiaconsulting.com\/content\/uploads\/2019\/03\/20e87c8acc8d2807b5f40bcf7dfc7372.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1600\" \/>\n\t<meta property=\"og:image:height\" content=\"900\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"admin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"admin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/news.adeptasiaconsulting.com\/google-warns-app-developers-of-three-malicious-sdks-being-used-for-ad-fraud-2\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/news.adeptasiaconsulting.com\/google-warns-app-developers-of-three-malicious-sdks-being-used-for-ad-fraud-2\/\"},\"author\":{\"name\":\"admin\",\"@id\":\"https:\/\/news.adeptasiaconsulting.com\/#\/schema\/person\/5240d375880690fc7df8c46ef5f8f9c8\"},\"headline\":\"Google warns app developers of three malicious SDKs being used for ad fraud\",\"datePublished\":\"2019-07-20T07:22:00+00:00\",\"dateModified\":\"2019-05-09T08:30:59+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/news.adeptasiaconsulting.com\/google-warns-app-developers-of-three-malicious-sdks-being-used-for-ad-fraud-2\/\"},\"wordCount\":803,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/news.adeptasiaconsulting.com\/#organization\"},\"keywords\":[\"ad fraud\",\"ad tech\",\"Ads\",\"Advertising\",\"android apps\",\"developers\",\"fraud\",\"google\",\"Google Play\",\"sdks\"],\"articleSection\":[\"News\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/news.adeptasiaconsulting.com\/google-warns-app-developers-of-three-malicious-sdks-being-used-for-ad-fraud-2\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/news.adeptasiaconsulting.com\/google-warns-app-developers-of-three-malicious-sdks-being-used-for-ad-fraud-2\/\",\"url\":\"https:\/\/news.adeptasiaconsulting.com\/google-warns-app-developers-of-three-malicious-sdks-being-used-for-ad-fraud-2\/\",\"name\":\"Google warns app developers of three malicious SDKs being used for ad fraud - Adept Asia Consulting\",\"isPartOf\":{\"@id\":\"https:\/\/news.adeptasiaconsulting.com\/#website\"},\"datePublished\":\"2019-07-20T07:22:00+00:00\",\"dateModified\":\"2019-05-09T08:30:59+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/news.adeptasiaconsulting.com\/google-warns-app-developers-of-three-malicious-sdks-being-used-for-ad-fraud-2\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/news.adeptasiaconsulting.com\/google-warns-app-developers-of-three-malicious-sdks-being-used-for-ad-fraud-2\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/news.adeptasiaconsulting.com\/google-warns-app-developers-of-three-malicious-sdks-being-used-for-ad-fraud-2\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/news.adeptasiaconsulting.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Google warns app developers of three malicious SDKs being used for ad fraud\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/news.adeptasiaconsulting.com\/#website\",\"url\":\"https:\/\/news.adeptasiaconsulting.com\/\",\"name\":\"Adept Asia Consulting\",\"description\":\"Consulting &amp; Marketing Agency\",\"publisher\":{\"@id\":\"https:\/\/news.adeptasiaconsulting.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/news.adeptasiaconsulting.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/news.adeptasiaconsulting.com\/#organization\",\"name\":\"InterDigitel\",\"url\":\"https:\/\/news.adeptasiaconsulting.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/news.adeptasiaconsulting.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/news.adeptasiaconsulting.com\/content\/uploads\/2017\/07\/Inter_Digitel_Logo.png\",\"contentUrl\":\"https:\/\/news.adeptasiaconsulting.com\/content\/uploads\/2017\/07\/Inter_Digitel_Logo.png\",\"width\":300,\"height\":278,\"caption\":\"InterDigitel\"},\"image\":{\"@id\":\"https:\/\/news.adeptasiaconsulting.com\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/news.adeptasiaconsulting.com\/#\/schema\/person\/5240d375880690fc7df8c46ef5f8f9c8\",\"name\":\"admin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/news.adeptasiaconsulting.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/717c84fea4845cf6840508c43f09a827?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/717c84fea4845cf6840508c43f09a827?s=96&d=mm&r=g\",\"caption\":\"admin\"},\"sameAs\":[\"https:\/\/news.adeptasiaconsulting.com\"],\"url\":\"https:\/\/news.adeptasiaconsulting.com\/author\/admin\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Google warns app developers of three malicious SDKs being used for ad fraud - Adept Asia Consulting","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/news.adeptasiaconsulting.com\/google-warns-app-developers-of-three-malicious-sdks-being-used-for-ad-fraud-2\/","og_locale":"en_US","og_type":"article","og_title":"Google warns app developers of three malicious SDKs being used for ad fraud - Adept Asia Consulting","og_description":"A few days ago, Google removed popular&nbsp;Cheetah Mobile and Kika Tech apps from its Play Store following a BuzzFeed investigation, which discovered the apps were engaging in ad fraud. Today, as a result of Google\u2019s ongoing investigation into the situation, it has discovered three malicious ad network SDKs that were being used to conduct ad [&hellip;]","og_url":"https:\/\/news.adeptasiaconsulting.com\/google-warns-app-developers-of-three-malicious-sdks-being-used-for-ad-fraud-2\/","og_site_name":"Adept Asia Consulting","article_published_time":"2019-07-20T07:22:00+00:00","article_modified_time":"2019-05-09T08:30:59+00:00","og_image":[{"width":1600,"height":900,"url":"https:\/\/news.adeptasiaconsulting.com\/content\/uploads\/2019\/03\/20e87c8acc8d2807b5f40bcf7dfc7372.png","type":"image\/png"}],"author":"admin","twitter_card":"summary_large_image","twitter_misc":{"Written by":"admin","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/news.adeptasiaconsulting.com\/google-warns-app-developers-of-three-malicious-sdks-being-used-for-ad-fraud-2\/#article","isPartOf":{"@id":"https:\/\/news.adeptasiaconsulting.com\/google-warns-app-developers-of-three-malicious-sdks-being-used-for-ad-fraud-2\/"},"author":{"name":"admin","@id":"https:\/\/news.adeptasiaconsulting.com\/#\/schema\/person\/5240d375880690fc7df8c46ef5f8f9c8"},"headline":"Google warns app developers of three malicious SDKs being used for ad fraud","datePublished":"2019-07-20T07:22:00+00:00","dateModified":"2019-05-09T08:30:59+00:00","mainEntityOfPage":{"@id":"https:\/\/news.adeptasiaconsulting.com\/google-warns-app-developers-of-three-malicious-sdks-being-used-for-ad-fraud-2\/"},"wordCount":803,"commentCount":0,"publisher":{"@id":"https:\/\/news.adeptasiaconsulting.com\/#organization"},"keywords":["ad fraud","ad tech","Ads","Advertising","android apps","developers","fraud","google","Google Play","sdks"],"articleSection":["News"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/news.adeptasiaconsulting.com\/google-warns-app-developers-of-three-malicious-sdks-being-used-for-ad-fraud-2\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/news.adeptasiaconsulting.com\/google-warns-app-developers-of-three-malicious-sdks-being-used-for-ad-fraud-2\/","url":"https:\/\/news.adeptasiaconsulting.com\/google-warns-app-developers-of-three-malicious-sdks-being-used-for-ad-fraud-2\/","name":"Google warns app developers of three malicious SDKs being used for ad fraud - Adept Asia Consulting","isPartOf":{"@id":"https:\/\/news.adeptasiaconsulting.com\/#website"},"datePublished":"2019-07-20T07:22:00+00:00","dateModified":"2019-05-09T08:30:59+00:00","breadcrumb":{"@id":"https:\/\/news.adeptasiaconsulting.com\/google-warns-app-developers-of-three-malicious-sdks-being-used-for-ad-fraud-2\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/news.adeptasiaconsulting.com\/google-warns-app-developers-of-three-malicious-sdks-being-used-for-ad-fraud-2\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/news.adeptasiaconsulting.com\/google-warns-app-developers-of-three-malicious-sdks-being-used-for-ad-fraud-2\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/news.adeptasiaconsulting.com\/"},{"@type":"ListItem","position":2,"name":"Google warns app developers of three malicious SDKs being used for ad fraud"}]},{"@type":"WebSite","@id":"https:\/\/news.adeptasiaconsulting.com\/#website","url":"https:\/\/news.adeptasiaconsulting.com\/","name":"Adept Asia Consulting","description":"Consulting &amp; Marketing Agency","publisher":{"@id":"https:\/\/news.adeptasiaconsulting.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/news.adeptasiaconsulting.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/news.adeptasiaconsulting.com\/#organization","name":"InterDigitel","url":"https:\/\/news.adeptasiaconsulting.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/news.adeptasiaconsulting.com\/#\/schema\/logo\/image\/","url":"https:\/\/news.adeptasiaconsulting.com\/content\/uploads\/2017\/07\/Inter_Digitel_Logo.png","contentUrl":"https:\/\/news.adeptasiaconsulting.com\/content\/uploads\/2017\/07\/Inter_Digitel_Logo.png","width":300,"height":278,"caption":"InterDigitel"},"image":{"@id":"https:\/\/news.adeptasiaconsulting.com\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/news.adeptasiaconsulting.com\/#\/schema\/person\/5240d375880690fc7df8c46ef5f8f9c8","name":"admin","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/news.adeptasiaconsulting.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/717c84fea4845cf6840508c43f09a827?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/717c84fea4845cf6840508c43f09a827?s=96&d=mm&r=g","caption":"admin"},"sameAs":["https:\/\/news.adeptasiaconsulting.com"],"url":"https:\/\/news.adeptasiaconsulting.com\/author\/admin\/"}]}},"_links":{"self":[{"href":"https:\/\/news.adeptasiaconsulting.com\/wp-json\/wp\/v2\/posts\/7482"}],"collection":[{"href":"https:\/\/news.adeptasiaconsulting.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news.adeptasiaconsulting.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news.adeptasiaconsulting.com\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/news.adeptasiaconsulting.com\/wp-json\/wp\/v2\/comments?post=7482"}],"version-history":[{"count":0,"href":"https:\/\/news.adeptasiaconsulting.com\/wp-json\/wp\/v2\/posts\/7482\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news.adeptasiaconsulting.com\/wp-json\/wp\/v2\/media\/7481"}],"wp:attachment":[{"href":"https:\/\/news.adeptasiaconsulting.com\/wp-json\/wp\/v2\/media?parent=7482"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news.adeptasiaconsulting.com\/wp-json\/wp\/v2\/categories?post=7482"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news.adeptasiaconsulting.com\/wp-json\/wp\/v2\/tags?post=7482"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}