Snaptube, the Android mobile video app with over 40 million users, may be involved in suspicious transactions that run in the background of the app without its users knowing.
Experts at mobile tech company Upstream noted that Snaptube shared the same developer code called Mango SDK, which was previously used by Vidmate – a Chinese app that was exposed for conducting ad and subscription fraud on a large scale last year.
Upstream operates the Secure-D platform which detects and blocks mobile fraud. Secure-D blocked 70 million potentially fraudulent transactions coming from Snaptube over the last six months.
The Snaptube app – made by Chinese company Mobiuspace – served and responded to ads running in the background of mobile devices without the consent of the users.
“Under test conditions, we found not just background advertising click fraud, but also countless examples of users being signed up for premium digital services or subscriptions even when the phone is not in use,” explained Upstream CEO Guy Krief. “No notifications appear on the screen whatsoever and the user has absolutely zero control.”
Ad fraud at this scale could easily cost consumers $90 million in premium digital service charges.
“Only the app downloads and clicks on the adverts,” adds Krief, “nothing is shown on the handset screens. The video app is literally a screen for the suspicious background activity.”
According to the company, users in Brazil, Egypt, Sri Lanka, Malaysia and South Africa were most affected.
“We are blocking new threats every day and we would advise anyone using the Snaptube app to carefully watch their phone bills and report to their operator any subscriptions or charges that they did not authorize,” he added.
Users who notice irregular activity with their mobile apps should delete the apps from their phones.