The Snaptube app for android is detected with fake advert click and unauthorized premium purchases from the users. A report is recently released by TechCrunch with exclusive information by Upstream security firm. Guy Krief, Upstream’s CEO informed that there are Snaptube users who are served advertisements without their insight that runs quietly on the device.
What is Snaptube?
Snaptube is a popular video downloading app for the Android operating system which is free of cost. Snaptube is developed in China. Users can download music and video recordings from several platforms like youtube, facebook and more. Snaptube app features include a converter that can be utilized to convert and download MP4 videos to MP3 audio or in MP4 format in any resolution.
The Snaptube video downloader app is already downloaded and used by an excess of 40 million users around the world. Although the app is not available on the play store because Google does not support any video downloader app in the store. However, the Chinese app designer ensures that the Snaptube application is protected to work. It can be downloaded from the official site of the app.
Snaptube detected with SDK code
Snaptube is caught with a third-party software development kit code called Mango. As indicated by Upstream, this code pack downloads extra segments from the central server so as to take part in this fake promotion movement, and utilizations chains of redirection and obscurity to shroud its action. Mango SDK was already detected in another ad fraud of Vidmate app. This SDK code gets in the software of the app and helps generate ad revenue by consuming mobile data and battery power. Turns out Snaptube is not actually free of cost.
Lately, it has blocked in excess of 70 million suspicious transactions starting from 4,000,000 devices, as indicated by information from its restrictive security stage. They also confirmed that the Snaptube users of South Africa, Sri Lanka, Malaysia, Brazil, and Egypt are at higher risk of illegal transactions. The organization said
Customers could have been charged a huge amount in undesirable premium charges had those snaps not been blocked.
This is the second time Snaptube is getting caught for this type of fraud activities. Earlier in the year Sophos which us another security firm detected similar third party SDK in the app. Users were getting charged by unwanted ad clicks. In response, the company assured that they will be taking strict action and block third-party code on a prior basis.
The Snaptube company this time again responded and said they are not aware of any fraudulent activity going on in the app. They also added this is a major fall for their companies reputation and now a legal action will be taken against Mango developers.
We didn’t realize the Mango SDK was exercising advertising fraud activities, which brought us major loss in brand reputation. After the user complained about the malicious behavior of the Mango SDK, we quickly responded and terminated all cooperations with them. The versions on our official site as well as our maintained distribution channels are free of this issue already.
Guy Krief, suggested to uninstall the app and if not take precautions but seeing the symptoms of extra battery loss or fast data consumption.
We are blocking new threats every day and we would advise anyone using the Snaptube app to carefully watch their phone bills and report to their operator any subscriptions or charges that they did not authorize and Upstream advises users to delete an app from their phones if they see signs of irregular activity pointing to a suspicious application consuming data in the background.
Users are always advised to never install third-party applications because they are at high-risk factors involving privacy threats. Snaptube is one such app but still, users rely upon it because of the video download service it provides. Now it’s a question if Snaptube will take any action after this report or ignores it like last time.
Update: The developer of Snaptube, Mobiuspace contacted Around Android regarding the clarification of Third-Party App Fraudulent Activities. The company says that, There is no involvement of Snaptube with these activities. After the issue was witnessed, the company took immediate action to block Mango SDK from all possible versions and also they sent out notifications to users for Snaptube latest version update.
Although they were unable to resolve the issue fully because there are distributers that are promoting the old versions APK of the app and users who are still using the old version. They suggested to, Download the Snaptube latest APK from its official website or from trusted sources like UptoDown & Aptoide.
The Statement by Mobiuspace is given below
Recently, news broke out about suspicious activity in Snaptube, related to our collaboration with a third party known as Mango SDK, which allowed fraudulent ad practices that run against our beliefs and commitment with our users.
Since August 16th, the date we noticed the issue directly relate to this third party SDK, we took immediate actions and released an update which took Mango SDK off in the subsequent versions, as well as sent out notifications to all users to update to the latest version through in-app pushes and notifications.
In addition, there are many small channels & developers promote old versions of our apk or even counterfeit versions of Snaptube, which we could not regulate or control. We re-emphasized through various social media channels that the current versions downloaded from our official site (https://snaptube.com and https://snaptubeapp.com) and a few other main third party app stores (such as UptoDown & Aptoide) in which we personally maintained are covered in the update.
While we regret that the epidemic of the fraud activity may not get down to an absolute zero after multiple actions took to disassociate the SDK’s influence over existing users, partly may due to that SDK is running in the background of those users who haven’t yet updated.
We firmly believe in our core value of “create value for users”, and having SDKs that endangering our users are something we couldn’t tolerate ourselves. We’ve decided to take our step furthermore to offline all third party advertising SDKs to avoid further complications, we are also looking to take initiative to achieve potential collaboration with security monitoring company like Upstream to constantly monitor our app to prevent similar issues.