text / Gu Xiaobo
APP steal privacy, push advertising is not what happens, but in the netizens slobber submerged part of the developers, the blame back, they may not know the development of APP in doing such a thing, because it is not in fact they do.
an industry to NetEase technology revealed that there are some third party application store by means of tampering with the application of decompilation, and then download billing or push advertising and other forms of profit, because the operation secret, and even many developers do not know.
followed by a number of industry insiders confirmed the fact that NetEase technology, but it is difficult to know who is doing these things, this is a secret underground world.
application easily cracked one channel SDK
in the PC Internet free software popularization, crack the situation is getting less and less, but in the mobile Internet, this story is being staged.
in a number of application stores appear cottage application is not plagiarism, but the original application decompile, tamper with the third channels through their own channels to re live shelves.
engaged in the Internet security industry insiders said that such a crack is not difficult. Learning programming students, just graduated after one or two months of study, with a special anti compiler tool, you can easily crack a APK, and modify it." Mobile security vendors CEO Bang Bang Kan Zhigang said.
use to break APP, the channel has three kinds of ways to make money, 1, built-in advertising SDK replaced its own app store ad SDK, forced to push advertising to earn advertising fees; 2, add malicious code to download the APP secretly in the background, automatically deleted after the installation, according to the number of activation of charge promotion expenses; 3. Replace the application of the payment system, the payee will point to their own, or add the script to steal user account password in the login system.
malicious code will don’t pay much attention at such time for users to download APP, secretly downloaded in the background automatically deleted after the installation, the user is unaware of, but the channel can be valued by CPA activation volume to developers for money, each mobile phone to activate one earned two dollars promotion fee, then a good network a mobile phone can download dozens of one night, and users are completely unaware. And the malicious code is usually not included in pirated APP, so they can easily through a variety of security monitoring, run automatically after download malicious script from the cloud, delete the local data execution is completed, untraceable.
there are currently more than 1 thousand Android channels in China, some of the secret channels to download a few times, many users may only be downloaded once in this channel application, but the cumulative amount is very large." Kan Zhigang said.
a domestic third party application >