Snaptube, a video and music app available exclusively on Android, has been found making millions of unauthorized transactions without the knowledge of its 40m users. According to Upstream, a specialist mobile technology company, Snaptube was using the same piece of developer software code, Mango SDK, which was used in another fraudulent app, Vidmate.
Earlier this year, video app Vidmate was caught conducting mass scale advertising and premium services’ subscription fraud. Upstream discovered there were other similarities between Vidmate and Snaptube, including the display of common traffic patterns and overlapping fraudulent URL’s and domain names.
Upstream’s security platform, Secure-D -which helps operators by safeguarding digital transactions detecting and blocking mobile fraud- prevented 70m potentially fraudulent transactions from Snaptube, in the last six months alone.
Upstream said the millions of blocked transactions would have cost 4.4m consumers more than $90m in unauthorized charges for exclusive digital services. After lab testing, Upstream found that Snaptube was able to secretly collect and respond to advertising in the app’s background without alerting any of its users.
“Only the app downloads and clicks on the adverts nothing is shown on the handset screens. The video app is literally a screen for the suspicious background activity,” commented Guy Krief, CEO, Upstream.
“Under test conditions we found not just background advertising click fraud, but also countless examples of users being signed up for premium digital services or subscriptions even when the phone is not in use,” said Krief. “No notifications appear on the screen whatsoever and the user has absolutely zero control.”
Through more research, Upstream was able to confirm Snaptube users in Brazil, Egypt, Sri Lanka, Malaysia, and South Africa were at the highest risk of being affected by the illegal transactions.
“Not only does Snaptube share similar characteristics and elements of software code as Vidmate,” Krief continued, “it is also notable that the suspicious activity from Snaptube ceased soon after the publication of a media report about the Vidmate compromise.
“We are blocking new threats every day and we would advise anyone using the Snaptube app to carefully watch their phone bills and report to their operator any subscriptions or charges that they did not authorize” he added. Upstream advises users to delete an app from their phones if they see signs of irregular activity pointing to a suspicious application consuming data in the background,” said Krief.