The VivaVideo app, with more than 100 million downloads, commits advertising and payment fraud, according to Secure-D

Share on facebook
Share on twitter
Share on linkedin
Share on reddit
Share on email
Share on whatsapp

Table of Contents

A famous video editing app has been caught committing serious fraud: VivaVideo would generate false advertising clicks, steal user data and, above all, would have collected more than 27 million unsolicited subscriptions.

It is not the first time that we see fraudulent applications in the Play Store and it will not be the last, there is no doubt that Google has a serious problem with detecting malicious software. Ad fraud is becoming more common, too abuse trial subscriptions. And there are applications that are repeat offenders, as with vivaVideo: this app has already been caught integrating spyware in its code. Now its developers have gone further.


VivaVideo would try to subscribe the user without him knowing

Vivavideo

What the Secure-D security signature is of enormous importance, not only because of the hidden activity of the application itself: VivaVideo is an extremely popular app that has been downloaded on more than 100 million Android and that, above all, it has an average of 4.4 stars. With these figures it is surprising that under the code it has a functioning dedicated to squeeze each user in the background.

As we said, the developers of VivaVideo have already been caught embedding spyware in the code to steal user data. That was in May of this year, almost six months before Secure-D analyzed the application’s background behavior for discover multiple fraud attempts, all of them very serious.

Vivavideo

VivaVideo is a video editing app, its name says so. Even so it requires more permissions than necessary for the task, it also integrates in-app purchases to unlock full use of the software. The problem is that VivaVideo hides an advertising fraud from the user based on open ads in the background and simulate clicks, an attitude that Google is penalizing especially. And not only that: as they discovered in Secure-D, VivaVideo tries to charge small payments to its users to pay them to subscriptions with the intention of obtaining commission per affiliate. As a final straw, developers take advantage of the app to capture data from the phone.

VivaVideo would have loaded up to 27 million payments in subscriptions according to data obtained by Secure-D

As they stood out on Forbes, the security firm has put your discovery in the hands of Google, who is investigating it. Our advice is that if you installed VivaVideo, remove the application. Any precaution is always little.

Via | Upstream


The news

The VivaVideo app, with more than 100 million downloads, commits advertising and payment fraud, according to Secure-D

was originally published in

Xataka Android

by
Ivan Linares

.

The VivaVideo app, with more than 100 million downloads, commits advertising and payment fraud, according to Secure-D 1

The VivaVideo app, with more than 100 million downloads, commits advertising and payment fraud, according to Secure-D 2