Ai.type is a keyboard for Android and iOS that has not been without controversy. At the end of 2017, the data of 30 million users was leaked and in June 2019 it was removed from Google Play, although it is still installed on the mobile phones of many users and can be downloaded from other alternative stores. Now he returns to the eye of the hurricane after having discovered that the keyboard was trying to scam users.
This is demonstrated by the report by Secure-D, Upstream’s mobile security platform, in which it comments that ai.type, with more than 10 million users, “has been caught making millions of unauthorized purchases of premium digital contentFurthermore, “the app has been displaying millions of invisible ads and making fake clicks.” The firm estimates all of these transactions could have cost users. $ 18 million in unwanted charges.
How to PROTECT your ANDROID from VIRUSES and MALWARE: Tips and Tricks
Maximum activity after being eliminated
Google removed ai.type in June 2019 and, according to Upstream information, it was since then that a higher volume of suspicious activity was detected, understanding suspicious activities such as unwanted transactions or premium subscriptions. The report speaks of 14 million transactions in 110,000 unique devices, so we are talking about 127 transactions per device, something unusual in this type of application.
Upstream blocked these transactions, but if all of them had been executed the total cost would have amounted to 18 million dollars, $ 163 per single device and just over $ 1 per individual transaction. Interestingly, suspicious activity spiked after its removal from Google Play, which makes sense since the security of depending on which third-party app stores, where the app is still available, may not be the same as that of the Google Play Store. .
According to the CEO of Upstream, “the mobile ad fraud market is worth about $ 40 billion annually”
This type of transaction has been detected in 13 countries, mainly in Egypt and Brazil, although there are also European countries such as Poland, Germany or the United Kingdom. Since mid-August, activity has been decreasing, but as of October 2019, around 30,000 suspicious activities have been registered.
Obviously, the application requested all kinds of permissions, from reading the user’s contact data and reading and writing in the storage to accessing the accounts and recording audio. It is currently out of Google Play and from the Amazon app store, but it can still be downloaded from the App Store (there is no evidence that this version behaves in the way described above).
Via | The Next Web