It was reported last week that eight apps on Google Play with more than two billion downloads have been exploiting user permissions to steal “millions of dollars”. Seven of these apps are from Cheetah Mobile, a Chinese Internet company, while the other one has been developed by Kika Tech, another Chinese firm. After internal investigation, Google has reportedly confirmed that it has removed two of the apps from the list- CM File Manager and Kika Keyboard.
The tech giant told BuzzFeed News that these two apps contain code used that can execute ad fraud techniques like click injection and click flooding. “We take these allegations very seriously and our Google Play Developer policies prohibit deceptive and malicious behaviour on our platform. If an app violates our policies, we take action,” Google told the publication.
The report states that according to app analytics firm AppBrain, CM File Manager and Kika Keyboard together have been downloaded more than 250 million times. The Kika Keyboard app was on the top spot on the Play Store in the top keyboard app list, and Cheetah Mobile is said to be the largest developers in the Android ecosystem.
Out of the list, Battery Doctor and CM Launcher apps were also removed by Cheetah Mobile last week itself. The company has issued several statements ever since the news broke out last week, and it seems to shift the blame onto third party SDKs installed in its apps. Furthermore, it even threatened to take legal action against Kochava, the app analytics and attribution company that first found malicious behaviour within these eight apps. The latest statement even alleged that “Kochava’s testing methods contained fundamental mistakes, leading to a number of false or misleading conclusions.”
Dismissing Cheetah Mobile’s claim of third party SDKs causing click injections, in the report, Google says it found native code within these two apps that was used for install attribution abuse. The tech giant further states that investigation is still underway and it will take additional action.
The other apps developed by Cheetah include CM Launcher 3D, Security Master, CM Locker, and Cheetah Keyboard, and we strongly recommend users to not download any of these apps, or uninstall them if they exist on your Android device, until full investigation by Google is completed.
Google Ads enables businesses of all sizes, from around the world, to promote a wide variety of products, services, applications, and websites on Google and across our network. We want to help you reach existing and potential customers and audiences.
However, to help create a safe and positive experience for users, we listen to their feedback and concerns about the types of ads they see. We also regularly review changes in online trends and practices, industry norms, and regulations. And finally, in crafting our policies, we also think about our values and culture as a company, as well as operational, technical, and business considerations. As a result, they have created a set of policies that apply to all promotions on the Google Network.
Google requires that advertisers comply with all applicable laws and regulations and the Google policies described above. It’s important that you familiarize yourself with and keep up to date on these requirements for the places where your business operates, as well as any other places your ads are showing. When they find content that violates these requirements, they may block it from appearing, and in cases of repeated or egregious violations, they may stop you from advertising with them.