How this app operates
Researchers say that the app contains a suspicious third-party code that allowed the app to automate clicks and to make purchases without user consent. A component built by Hong Kong-based Elephant Data downloads the code which is responsible for generating automated clicks without the user’s knowledge. The code also sets a cookie to determine if the device has previously been used to make a purchase. The code also makes the web addresses unclear to hide its suspicious activity.
Suspicious activities over the past few weeks
blocked more than 114 million suspicious transactions from two million unique devices over the past weeks. Upstream only has visibility in certain parts of the world – Brazil, Indonesia, and Malaysia, this is only a fraction of the suspicious transactions observed.
Suspicious activities of 4shared App
In mid- April, the 4shared app suddenly disappeared from Google play and it was replaced with a near-identical app with all the suspicious components removed. The 4shared app has more than 10 million users.
Irin Len from 4shared stated that the company was unaware of the ad activity in its app until people reached out; he also confirmed that the company no longer works with Elephant Data anymore.
4shared briefly stated that the Elephant data is affecting its privacy policy but doesn’t explain what the service does. They are unable to update the previous version because the Google Play Store removed the app forcing him to submit an entirely new version of the app.
Criticism from its users
After the release of the suspicious activity of 4shared app, the firm has drawn criticism in various , some of them calling the company “scam” and others naming it “”.
Bottom Line
We don’t know that 4shared did this malicious activity willingly or it was performed without their knowledge. This app will still be collecting data from its old users as long as they don’t update their apps. It is up to the people now to save themselves from such attack by removing this app from their phones.