Hugely Popular Android Apps Exposed As Scam

John Lister's picture

Six very opular Android apps have been exposed as scams to defraud advertisers. The scam also drained batteries and sucked up mobile data on the handsets.

The six apps are AIO Flashlight, Omni Cleaner, RAM Master, Selfie Camera, Smart Cooler and Total Cleaner. All were in the official Google Play store but have been removed since their real purpose came to life.

The revelation came after three security companies - Check Point, ESET and Method Media Intelligence - worked with news site Buzzfeed to investigate risky apps. They concentrated on apps which were widely used and required permissions that were either excessive or potentially risky given their stated purpose. (Source:

Apps Make Bogus Ad 'Clicks'

In each case, the app carried out its stated purpose, which was usually something to do with basic functionality on the phone. They were extremely popular, with Google stats showing all but one had been downloaded at least 10 million times, and with Selfie Camera having more than 50,000 downloads. They also had high user ratings, though this may have been manipulated.

The problem was what else the apps did. They were designed to simulate clicks on online ads, doing so in a way that meant the ad and the pages it linked to were "hidden" in the background so that the activity wasn't visible to the user. The apps also interjected fake data to claim credit when users downloaded other apps.

In both cases, the goal was to defraud advertisers through pay-per-click advertising and through a commission scheme for encouraging users to download apps.

Users also paid a price, however. The background activity decreased battery life while heating up the phone and affecting performance. The hidden ad clicks, along with sending data back to the scammers and receiving instructions, all used Internet connections. Whenever the phone wasn't connected to WiFi, that meant depleting mobile data allowances.

Chinese Makers Disguise Source

What made these scams particularly notable was the lengths the scammers went to hide their identity. They disguised the fact that the apps were owned by Chinese company DO Global.

The main message for users is that appearing in Google Play store isn't a guarantee an app is safe, despite the store's "official" status. The key is to look at the list of requested permissions - which allow an app to access a particular resource on the phone - and be wary of anything that doesn't seem relevant or necessary for the app's supposed purpose. (Source:

What's Your Opinion?

Have you ever noticed a sudden rise in handset temperature and data use or a decrease in battery life after installing an app? Do you pay attention to permission requests on Android apps? Should Google better vet apps even if that means less choice available to users?

Rate this article: 
Average: 5 (6 votes)


Dennis Faas's picture

I knew these apps were dubious when my wife had one of them installed on her phone. She doesn't know how it got there (most likely because it was bundled with some other junk app) - plus it was incredibly difficult to figure out what the name of the app was so I could remove it. I am always dubious of any software made in China because of the many stories I've read about state-sponsored hacking. I also know for a fact that my web server is being attacked by bots in China and Russia 24/7 (which is also being blocked). Caveat emptor!

PseudoGeek's picture

Might as well not worry too much about side-loading apps from other sources, if the Google Play store is not vetting these apps that well anyhow.

TopDriver's picture

Because of the story's that I've read, like Dennis, I try to be diligent in my research to determine where the author is located.

As a retired Unix Administrator & Web Developer, I have seen MANY of my servers being hit by China, Russia, and CZECH Republic. So, I am always concerned when an app is developed in one of them.

Thanks for your commitment and dedication to "Infopackets" website and emails, Dennis!!!