There are numerous apps and programs available on Android that give mobile users a lot of problems. Most of them may be regarded as bloatware but there are others that make devices vulnerable to attacks. We have a long list of mobile security threats and viruses already seen on the Android platform but more are being added. The latest has something to do with the Vidmate Android app that is said to be installing suspicious apps and generating fake clicks.
The app does unauthorized background activities without the consent of the device owners. All these information are from Secure-D, the security lab of Upstream. The firm revealed that VidMate has been triggering a series of suspicious background activities.
The video app now has more than 500 million downloads. What the app does is bring invisible ads and generate fake clicks. Fake purchases have been reported as well despite not getting the concent of the phone owners.
Personal users’ information is being collected and shared without content. Unwanted charges are also included in the complaints.
Now let’s talk about numbers: over than 128 million mobile transactions started by VidMate have been detected as suspicious and are already blocked. That is a lot coming from some 4.8 million smartphones from different countries. If those were not blocked, about $170 million worth of charges may have resulted.
At first glance, you won’t think nothing is unusual with VidMate because it’s a simple app that downloads and stream videos. At the moment, you can’t see or download it from the Play Store but it’s available from another app store. VidMate is from a UC Web subsidiary. UC Web is owned by Alibaba.
Watch the video below that exposes VidMate:
The Secure-D team simply wanted to check the code of VidMate. The move allowed the team to discover some suspicious code. There is a third-party SDK that is being loaded. Known as the ‘Mango’, this SDK executes some inactive and hidden code. It’s suspicious as it does many activities in the background.
VidMate is said to be abusing permissions. Downloading and installing unknown software without informing the user is happening and must be stopped. If you have downloaded VidMate in the past or have it in your device, we strongly recommend you uninstall and delete the app.