Google removed two well-liked Cheetah Mobile in addition to Kika Tech apps by its Play store today after finding “deceptive in addition to malicious behavior” of which was first outlined in a BuzzFeed News report.
Google said an internal investigation found of which CM File Manager in addition to the Kika Keyboard contain code used to execute ad fraud techniques known as click injection in addition to/or click flooding. The activity was first documented in seven Cheetah apps in addition to one by Kika Tech by Kochava, an app analytics in addition to attribution company of which shared its research with BuzzFeed News.
A Google spokesperson said of which continues to investigate the apps, in addition to of which of which expects to take additional action.
“We take these allegations very seriously in addition to our Google Play Developer policies prohibit deceptive in addition to malicious behavior on our platform. If an app violates our policies, we take action,” said a statement by Google.
Cheetah in addition to Kika can both appeal the decision, the company said. Google also appears to have removed both apps by its AdMob mobile advertising network, though the company did not comment on the apps’ status.
The removal of these apps is usually a huge blow to Cheetah in addition to Kika, two major Chinese app developers who together have hundreds of millions of monthly active users. of which also highlights how mobile apps can abuse user permissions in addition to engage in malicious activity without users’ knowledge. (Neither company immediately responded to a request for comment, yet of which story will be updated if they do.)
The two removed apps, CM File Manager in addition to the Kika Keyboard, have been downloaded by the Google Play store more than 250 million times, according to app analytics service AppBrain. The Kika Keyboard is usually the top keyboard app from the Play store, in addition to Cheetah Mobile is usually one of the biggest developers of apps from the entire Android ecosystem, when measured by downloads.
Two various other Cheetah apps, Battery Doctor in addition to CM Launcher, were removed by the Play store last week after BuzzFeed News published its story. Cheetah said of which removed them on its own accord, yet the apps have not yet returned to the store.
The behavior identified by Google in addition to Kochava enabled the apps to falsely receive credit for helping cause a user to download in addition to open various other apps. App developers pay a fee to partners of which help drive brand-new downloads of their apps. The Cheetah in addition to Kika apps were claiming a portion of these fees even when they played no role in an installation. Google refers to of which as “install attribution abuse.”
of which news comes as Cheetah has been issuing increasingly aggressive press releases over the past week to question the findings by Kochava in addition to reporting by BuzzFeed News. Cheetah initially said of which “takes the issues raised from the article very seriously,” while shifting blame to third-party software development kits (SDK) installed in its apps.
Then, after suffering massive declines in its stock cost, the company issued another press Discharge to say of which “has neither the intention or ability to direct such advertising platforms to engage from the alleged ‘click injections.’” of which threatened legal action against Kochava “in addition to the responsible persons of which the Company believes have generated in addition to disseminated those untrue in addition to misleading statements.”
The company issued a third, more detailed Discharge of which of which said contained evidence of which “Kochava’s testing methods contained fundamental mistakes, leading to many false or misleading conclusions.”
Kika Tech also issued a Discharge to say the claims from the BuzzFeed News story “are false in addition to hold no merit.” (of which initially told Buzzfeed News of which was “extremely disappointed to learn about these ‘flooding in addition to injection’ practices,” adding, “We appreciate you putting of which to our attention.”)
As the operator of the Play store in addition to a major monetization partner for Kika in addition to Cheetah, Google had to decide whether to accept Kochava’s research or the responses by Cheetah in addition to Kika. After spending more than a week on its own investigation, today’s app removals signal Google’s agreement with Kochava on the behavior within at least two apps. Google said of which found native code within these two apps of which was used for install attribution abuse, which contradicts the claim by Cheetah of which a third-party SDK was responsible. Google also said of which expects to take additional action as of which finalizes its investigation.
“Kochava is usually pleased to see of which Google has validated Kochava’s recent findings with respect to Cheetah Mobile in addition to Kika Tech,” Grant Simmons, the head of client analytics for Kochava, told BuzzFeed News. “Advertisers need to be able to operate in an environment free by [ad] fraud. Kochava intends to continue connecting the dots of fraud across the adtech ecosystem to ensure of which our advertiser clients can spend with confidence.”
of which news comes after Cheetah also received negative attention last week in China for its Cheetah Browser app. The Shanghai Consumer Council raised concerns about the level of user permissions required by the app, including the ability to access outgoing calls in addition to text messages. Cheetah responded that has a statement in Chinese to say of which updated the app in question.