VidMate is an app that allows people to download videos from sites like YouTube. The app is popular and has reportedly been downloaded by more than half a billion people across the world. However, what these people don’t realize is that the app has ties to the Chinese company Alibaba Group and is harmful in various ways, like collecting user information without consent.
Researchers from Upstream, a London-based mobile technology firm, found that VidMate was displaying hidden ads, draining user’s mobile data, secretly subscribing people into paid services, and depleting their phone battery. Users also unknowingly surrendered control of their personal information to a third party. The phone ended up being part of a botnet that was used to commit ad fraud by the company.
“Most of the suspicious activity, which is still ongoing, was largely centered in 15 countries. 43 million of the suspicious transactions flagged by Secure-D are coming from devices in Egypt, 27 million from Myanmar, 21 million from Brazil, 10 million from Qatar, and 8 million from South Africa. Among the top affected markets are also Ethiopia, Nigeria, Malaysia, and Kuwait. These are countries where digital payments via mobile airtime are common and often the only way to make financial transactions, as most people are unbanked,” according to Upstream Systems.
Upstream has been blocking suspicious transactions done by VidMate since 2017. Last year, the volume of such transactions increased quite dramatically. In the past six months, more than 128 million VidMate transactions were blocked by Upstream that could have cost users over US$150 million. Developed by a subsidiary of Alibaba Group, VidMate was sold off last year to another company.
“Mobile advertising is a multi-billion dollar industry on the rise and a very fertile ground for fraud. The VidMate example, whereby a single app is responsible for 130 million suspicious transaction attempts over a few months, is cause for great concern. The growing sophistication of disguised malware calls for an ever more vigilant approach. In the fight against digital fraud ongoing technological innovation is key,” Guy Krief, CEO of Upstream, said in a statement (Tech Radar).
VidMate is not the first Chinese app that has been found to have carried out such widespread fraud. Earlier, Chinese developers like Kika Tech, Cheetah Mobile, and DO Global had created apps with malicious behavior. In fact, Google had banned DO Global from Play Store for this reason. In January this year, a Chinese weather app was caught collecting user’s personal information and subscribing them for paid services.
Chinese companies and the Communist state
Having Chinese apps access the private information of users is a huge threat to all nations across the world. This is because the communist state has the full right to access any information stored by a Chinese company. They can then use this information to influence the behavior of citizens of other countries. In fact, private companies in China are required to establish a party cell within the firm.
“The impact of adding a Party cell goes far beyond an increase in the cost of doing business. It also impacts the corporate structure and management decisions as they grow more opaque with the blurring of lines between the state’s role and private ownership. In so doing, this policy threatens to reverse China’s four decades old reform agenda of opening up to private enterprise as an engine of growth,” according to Foreign Policy.
In January, the Australian foreign investment regulator ruled that private companies in China are an illusion since the state interferes in the firm’s affairs. Similar views have also been expressed by several EU nations that are seeking to put strict control on Chinese companies and their products.