Vidmate is a popular Android app, that allows users to download videos from social media platforms such as WhatsApp, Instagram, Facebook and giant video sharing app YouTube. Recently, the app has been behaving suspiciously. The app has been acting strangely by draining phone’s battery, showing users hidden ads, consuming mobile data and sometimes infringing on your personal information.
The startling part is that nobody knows who the executives of this company are or its funders.
This comes after an investigation done by Upstream and according to its CEO, Guy Krief who adds that people who download the app are giving up control of their devices and personal data to the app.
Here’s what the app does
According to Upstream, your phone and its connection via Vidmate become part of a botnet that is used to commit ad fraud by showing ads that users can’t see- it does all this without your consent. Secure-D, Upstream’s security lab detected and blocked more than 128 million suspicious transactions started by the app. Their research revealed that these transactions came from 4.8 million unique devices across 15 countries and if they were not blocked, users were then subscribed to premium digital services that would have cost them up to $170 million in unwanted charges.
The team crosschecked with reports from users who noticed that their phones were performing non-user initiated subscriptions. Other issues users raised included reduced battery life even on idle state, unexpected mobile data use.
When downloaded Vidmate would load Mango, a third party SDK that initiates the ad fraud by delivering ads to the users phone and simulate clicks to access and confirm paid subscriptions. It does all this in the background without the users’ knowledge hence the increased depletion of mobile data and battery drain even when the phone is not in use. These views and clicks are then reported as genuine to ad networks.
What is more worrying is that the app started collecting personal data from its users from IMEI(International Mobile Equipment Identity) number to IP addresses and IMSI(International Mobile Subscriber Identity) – all this without consent and sending the data to nonolive servers(this relationship has since been terminated) in Singapore, an Alibaba funded company. Vidmate was developed by UCWeb, a subsidiary of Alibaba before it got sold off last year.
Android malware
Vidmate has so far been removed from the Play Store where it had over 500 million downloads but can now be found on other non-official Android app stores. If you already have it, go ahead and uninstall it.
Talking to Buzzfeed, Guy Krief said that Android’s open nature allowed for the wide distribution of mobile malware and that the digital advertising’s complexity empowers fraudsters as it is a worldwide playground with low risks and high incentives. Read Upstream’s research here.
How do I protect myself from downloading these malicious Android apps?
Before Downloading:
- Use trustworthy app stores
- Take heed of the reviews the app has
- Check the star ratings the app has gotten
- Run away from apps that are wildly overly-permissioned
- Verify if its the real app
After Downloading
- Stay away from apps that ask for additional unnecessary permissions
- Remove apps that don’t do what they are supposed to do
Read the steps here with a more in-depth explanation on how to protect yourself from downloading these malicious Android apps.
Here’s a security checklist to go through for your Android Smartphone.