The theft of Android developers: the use of counterfeit advertising revenue was robbed

Shanzhai application floods The shame of Android developers

Regular application frequently be cottage, the money that oneself make is taken away by others

The openness and free nature of the Android system has allowed developers and users to flock to it, and users are becoming accustomed to the "free lunch" that Android uses. But behind the free, there is a huge security shadow.

Regular applications are frequently "top packs"

"They totally stole the official logo of our love-like, and even the introductions are exactly the same." ", in the face of" Love fan Son "application of the cottage version of love, a person in charge of this rage. He said to the IT Times reporter, recently in the millet market with a love-style application of the same name, including software introduction, icons are exactly the same, known as Love fan son application of the "fan version", but the developers in the interior of the purchase of a large number of advertising content, in fact, is "trickery."

"The average small company would do that, and big companies would consider the impact not." An Android application developer told the IT times that small companies, in order to save costs and make a profit, often shanzhai some well-known apps, and then embed their own ads and even malicious code inside them, which is what the industry calls the "packaging party".

Not only is "Love Fan er" 's Android application being Shanzhai, but also some well-known Android apps are not spared.

Reporter in the broad bean network joint "safety Housekeeper" published malicious application to see, recently on the Android platform, the most popular "fishing Tatsu people" "Happy pasture" "Fruit Ninja" These game applications, and even "Baidu map" "Baidu Music" These well-known applications are not spared. These pirated apps are almost no different from their official apps, but they contain malicious withholding, SMS, download-paid apps, and other background code.

Advertising revenue is robbed

"Packing Party" one of the practices, is to crack the formal application, in which built-in their own advertising, the opportunity to profit.

"Hard to develop their own software, was someone else to the cottage, and even directly packaged treatment, is very depressed." "Wang (a pseudonym) is a developer who engages in Android applications, he told the IT Times reporter that the cottage production process is easy, the shanzhai cracked will be added to the ads for their own profit, and some advertising platform also" like "This low-cost piracy applications, because the latter's advertising is not high.

"Now the main or Pay-per-click (CPS) mode, is generally 0.15~0.2 between the yuan, that is, every time users click ads, developers can get 0.15~0.2 yuan income." As long as your user experience does not particularly bad, you can get long-term advertising cooperation and profit sharing. One advertising platform trader told reporters. Their gains are grabbed by others, which makes it frustrating to develop apps that rely on built-in ads to survive.

Users are exposed to security risks

Another approach of the "packing party" is to remove or replace the built-in ads for the application software in the name of "cracked version" to attract users to download it, and embed malicious code or permission "backdoor" inside the application.

"Normal android application software requirements generally with their own functions, such as weather forecasts and other applications need to locate permissions to obtain the user's current location, and call management applications such as users need to contact people and calls and other rights, the normal application of the right requirements will not exceed the software function." "Mobile security vendors, Beijing Safety Management technology company marketing department Ghuna told reporters that users in the installation of Android application software, there will always be a variety of" the program needs to obtain the following permissions, "the reminder, but contrary to the normal application, malicious applications will often require some beyond the scope of the software function requirements.

The higher the application software demands on the user, the greater the scope of its function, and the malware will use device permissions to crawl user information and steal privacy. And some piracy applications in the background to run malicious programs, not only secretly on demand carrier SP service, but also intercept the operator's confirmation message, which makes ordinary users difficult to detect.

"While some third party markets are already aware of the seriousness of the problem, they are beginning to work with security agencies to monitor the application in their markets," he said. But because of the openness of the Android platform, it is difficult to fully monitor the app. Because of the existing model of the app developers do not have a real-name requirements, and a wide range of download channels, so its security is difficult to guarantee. Ghuna to the IT Times reporter that for the mixed use of Android, users should develop a safe habit of using, do not install the unknown app, as far as possible in the official web site download applications or download has been through the application of security testing.