Android Security App With More Than 1 Billion Downloads Banned From Google Play Store

Cheetah Mobile fraud

In the digital world where people are connected to the internet 24/7, there is no saying how much of their data is being transferred in out of their devices.

Android is the popular mobile operating system operated by Google. Since users have become more concerned about their privacy, the company has taken steps to ensure that apps they download on Google Play Store are secure and not doing any harm to their information.

Back in February 2020, Google removed about 600 apps from its Play Store because they violated its policy. One of them, is the popular 'Clean Master'.

The security tool promises antivirus protection and private browsing. With more than 1 billion downloads, it was one of the Android most popular security app.

Created by China’s Cheetah Mobile, it was discovered that it was collecting private data of users, the URL of websites users visit through its "private" browser including their search queries, their Wi-FI access point names, down to the details like how users scrolled on visited web pages.

Cheetah argues that it needed to do that because it wanted to monitor users to keep them safe, as well as offering them more useful services.

The company also said that it complies with all local privacy laws, saying that it isn’t selling users’ private data and isn’t sending any information back to a Chinese server, but instead to an Amazon Web Services (AWS) system outside of the country.

But according to a research carried out by Gabi Cirlig from cybersecurity company White Ops, the methods of invading users' privacy came after the previous allegations in 2018, which said that Cheetah was said to have committed ad fraud and click injection techniques. Cheetah denied such claims.

At that time, Google removed Cheetah's Clean Master and Security Master, CM Launcher, CM Browser, Batter Doctor CM File Manager and others out of its app store over breaches of its policies.

And as for the location of the server Cheetah mentioned, Cirlig noted that the domain where the information was delivered to was actually registered in China. And Cheetah itself is based in Beijing.

Cheetah Mobile logging users web browsing activities
Logs of Cheetah Mobile's Google Search tracking through its CM Browser tool. Cheetah said that it needs to track users to protect them and provide useful features. (Credit: White Ops)

Cirlig said that:

"Technically speaking, they have a privacy policy that covers kind of everything and gives them a blank check to exfiltrate everything."

"I can’t know for sure what they’re infringing upon. It’s just that they are playing ball in a gray area and it’s up to researchers like us to stand up and call foul whenever they think that they cross the line. I personally think that they cross the line."

In this case, Cheetah didn't say that the claims are false.

The company explained that it collects users' web traffic and other data, only for security reasons. For instance, it’s monitoring users' internet browsing activities to ensure the sites they visit aren't dangerous. It’s also doing so to provide certain services like suggesting recent trending searches.

As for accessing Wi-Fi network names, Cheetah said its reasoning was much the same: to prevent users joining malicious Wi-Fi networks.

Cheetah the publicly listed company since May 2014 said that it is appealing to Google's decision, and said that it would be working with the tech giant to solve this issue.