Researchers have warned that the Ai.type app is still on millions of Android devices and is still available from other Android stores, e...
Researchers have warned that the Ai.type app is still on millions of Android devices and is still available from other Android stores, explaining the need to delete the famous Android keyboard app, which, once downloaded, makes unauthorized purchases of premium digital content.
Google said it had removed the app from its Google Play store in June, but researchers say it has been downloaded to at least 40 million phones worldwide and is still a threat.
The application, Ai.type, allows users to customize the keyboard using many fonts and emoji, and was developed by the Israeli company Ai.type Ltd, according to researchers at the mobile technology company Upstream.
The researchers said that the application makes suspicious requests to buy premium digital services in the background once downloaded, so that users do not realize this activity.
The mobile technology company has discovered 14 million requests for transactions from 110 thousand unique Android devices with a keyboard Ai.type, and if these transactions are not detected and banned, the application may cost its victims up to $ 18 million.
Upstream researchers said: The app provides millions of invisible ads and fake clicks, while providing original user data about real views, clicks, and purchases to ad networks.
`` Ai.type performs some of its hidden activities under other identities, including hiding itself and falsely acting as a popular application, such as Soundcloud, and app tricks also included an increase in suspicious activity once it was removed from the Google Play Store. ''
A Google spokesman confirmed that the application has been removed from the Google Play Store, but it is still available in the Apple App Store, and a spokesman for Apple: The company is currently examining this application.
Suspicious activity associated with the application rose shortly after it was removed from the Google Play Store, and suspicious activity was recorded in 13 countries, but was particularly high in Egypt; and Brazil.
"The value of these digital services is collected by direct carrier billing, without the need to access any bank account number," the researchers said.
SMS messages sent to the victim's device for verification and confirmation of subscription constitute the only alarm that alerts users.
In addition to subscriptions, the app requires a large number of permissions classified as dangerous, including permissions to access text messages, photos, videos, contact data, and storage on the device.
