Fraudulent apps on the Google Play store are a huge problem for Android users. Some of the fraudulent apps aim to steal money and other information. In February this year, word surfaced that a cryptocurrency-stealing malware had been found on Google Play, while malware-laden game apps were found last November that were affecting half a million users. Perhaps the biggest fraudulent app was found in November 2018, when apps from Cheetah Mobile were committing millions of dollars in ad click fraud but now it looks like app click fraud is even more widespread.
There are several popular Android apps from a major Chinese developer that have been called out for click fraud. One of the apps is a popular selfie app that has over 50 million downloads. A report compiled by Buzzfeed has found that several apps took steps to conceal their ties to a developer called DU Group.
The apps also failed to disclose they were collecting and sending data to China. The investigation raises new questions into how Google polices the Google Play store to root out apps that are committing fraud and collecting data without the user's knowledge. DU Group is a spin-off of Baidu, which is one of the largest tech firms in China. Six apps from DU Group together have over 90 million downloads via Google Play and have been fraudulently clicking on ads to generate revenue.
Two of the apps are said to have code that could be used to engage in a different form of click fraud, according to research from security firms Check Point and Method Media Intelligence. The investigation also found that several popular apps were asking for permissions that were unnecessary and invasive.
Google has stated that six DU Group apps that were found to be committing click fraud have been blacklisted and can no longer use Google ad products to earn money. Google is also reportedly hiring more people to evaluate apps for the Play store. Ad fraud is rampant in China, and such fraud is said to be the "norm" for developers there.
The Selfie Camera app was found to click on adds in the background, and some of the clicks happened when the app wasn't open and can lead to draining the battery and increased data consumption. The DU Group apps found to be committing fraud include the Selfie Camera app, Omni Cleaner, RAM Master, Smart Cooler, Total Cleaner, and AIO Flashlight.