40 million Android users urged to uninstall Facebook and YouTube video download app Snaptube
It is claimed the app made 32 million fraudulent transactions in 2020
Your support helps us to tell the story
From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.
At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.
The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.
Your support makes all the difference.Android users have been warned to uninstall an application which could have been unknowingly draining money from their bank accounts.
An app called Snaptube, a video downloader that lets users save content from YouTube and Facebook, has been downloaded over 40 million times.
However, a report from UpStreamSystems said that the app was responsible for 32 million fraudulent transactions in 2020.
In 2019, it claims it was responsible for 70 million fraudulent transactions.
This is out of a total of 362 million mobile transactions in the first quarter of 2020, with UpStreamSystems' security platform Secure-D reportedly blocking 89 percent of them for being fraudulent.
Google has removed it from the Play Store.
According to Forbes, Upstream warned last year that SnapTube was “a screen for suspicious background activity... We found not just background advertising click fraud, but also countless examples of users being signed up for premium digital services or subscriptions.”
It apparently also generated premium calls and texts, without the knowledge of users, which could have made the company over $100 million.
In October Mobiuspace, the company behind the app, said that the issue was “related to our collaboration with a third party known as Mango SDK, which allowed fraudulent ad practices that run against our beliefs and commitment with our users.”
It had taken “immediate action... and released an update which took Mango SDK off subsequent versions, as well as sending out notifications to all users to update to the latest version through in-app pushes and notifications," the company said.
On its website, Mobiusspace also said that it presented “our greatest apology, and please know that we always take user experience and safety as our top priority, and welcome your questions and suggestions!”
It encouraged users to download a new version of the app, although the recent report from UpStreamSystems implies malicious practises are still ongoing.
Uswitch reports that the app has been labelled “fleeceware,” and would take advantage of linked credit or debit cards in the Play Store.
The company will offer a free trial period, and then forgetful users will not cancel the subscription. Reportedly, this has made the app £78 million.
However, Mobiusspace says that the UpStreamSystems’s report is inaccurate.
It claims that in June Snaptube received an alert from Google that there were illegal advertising subscription codes in the Mango SDK, which it dropped.
“Malicious advertising fraud as claimed in the Upstream report was no longer included in the application,” it says.
It asks why Upstream did not contact SnapTube for its “current results on this matter.”
“Upstream issued a serious misrepresented report without seeking confirmation with us, which has caused significant damage to our brand and reputation.”
“Snaptube urges Upstream to strictly follow industry practise and stop spreading false information” it continued.
"In the first quarter of 2020, Secure-D has received and blocked 32 million clicks from Snaptube. Our system determined that the blocked clicks were generated without the end users’ knowledge while attempting to subscribe them to premium services" Upstream said.
"We cannot know or comment whether Mobiuspace have removed the Mango malware from newer versions of Snaptube as they state. The data by Secure-D shows that suspicious clicks contribute a smaller percentage of Snaptube traffic than in 2019, however there is evidence that many infected versions of Snaptube remain in the wild."
"If in fact the Mango SDK has been removed, users should upgrade their apps to the most recent version to avoid falling victim to its behaviour."
The Independent has reached out to Snaptube and Google for clarification.
Join our commenting forum
Join thought-provoking conversations, follow other Independent readers and see their replies
Comments