The high-ranking Android application 4shared, with over 100-million downloads, has been found to trigger suspicious background activity, according to mobile technology company Upstream.
The app delivers invisible ads to the device, generates fake clicks and carries out purchases of premium digital services, while reporting real views, clicks and purchases to the ad networks.
Over a recent period, Upstream’s security platform, Secure-D, detected and blocked more than 114-million suspicious mobile transactions initiated by 4shared.
These transactions originated from 2-million unique mobile devices across 17 countries.
If not blocked, they would have subscribed users to premium digital services potentially costing them up to $150-million in unwanted charges.
Most of the suspicious activity, which is still ongoing, was mostly centered in Brazil, while other top affected markets include Indonesia and Malaysia.
Guy Krief, CEO of Upstream, comments: “The growing sophistication of disguised malware in the form of seemingly benign and quite often very popular applications together with the scale of the issue can no longer be ignored.
“No entity in the mobile ecosystem remains unaffected. From app developers, ad networks and publishers, to advertisers malware is putting a dent in both their credibility and earnings.
“Mobile operators, more often than not, are taking the blame while consumers not only remain widely unprotected and unwarned but are called to foot the bill. Mobile ad fraud, a $40-billion industry, will reign unchallenged unless increased mobile security rises up in the industry’s priority list.”
4shared is a popular and highly-ranked Android application that allows users to store and share video and audio files. The app generated over 100-million downloads from Google Play and ranked second in its category in Austria, seventh in Italy, and 10th in Switzerland.
On 17 April 2019 it was removed from Google Play, then replaced the following day. The new version has been submitted as an entirely new app – not a version update -keeping the original 4shared icon.
As of 21 June, there have been more than 5-million installs of the “new” 4shared on Google Play, free from the code responsible for the suspicious activity, as opposed to the more than 100-million previous app users that remained affected.