Clean Master, CM File Manager, other popular Android apps reportedly committing ad fraud

“A total of eight apps, including the Clean Master, on Google Play store has been exploiting user permissions to steal millions of dollars”

Several popular apps on Google Play store have allegedly been found engaging in an ad fraud scheme. An app analytics firm has claimed that a number of Android apps developed by two Chinese developers – Cheetah Mobile and Kika Tech – have been exploiting user permissions to steal “millions of dollars”. The applications caught in the fraud include Clean Master, CM File Manager, and Kika keyboard among others, which reportedly have over 700 million monthly active users.


“The two firms have been misusing app permissions in order to monitor new downloads and then used the data to claim credit for having caused the download,” notes app analytics firm Kovhava in its report, shared with Buzzfeed News. The report further adds that the ad fraud scheme exploits the fact that a number of app developers pay a fee, or ‘bounty’, ranging from 50 cents (roughly Rs. 35) to $3 (roughly Rs. 200) to partners that help them get more installations of their apps.

Update: Cheetah Mobile has reached out to 91mobiles and said that Kochava provided false information regarding Cheetah mobile’s advertising system and that it will take legal action against the analytics company. It says, “Upon analysing the videos and other evidence, the company discovered that Kochava’s testing methods contained fundamental mistakes … In their videos, they are misleading the media to believe that Cheetah Mobile is engaged in fraudulent practices.

However, Cheetah Mobile has removed Batmobi and Duapps from its updated apps as two advertising SDKs – featured in the Kochava videos – “possess attribution risks.” It has also said it will suspend cooperation with any SDK providers that are found to be engaging in fraudulent activities. Story continues below:

Cheetah and Kika app developers have reportedly been keeping track of users downloading new apps and using the data to inappropriately claim credit for having caused the download. This fraudulent practice is called click flooding/ click injection and lets the companies get rewarded for every app installation despite no role in it.

Kika Keyboard Becomes the 1st Keyboard with Native Support for WhatsApp's new Emojis (PRNewsFoto/Kika Tech Inc.)

Seven apps owned by Cheetah have been implicated. These include Clean Master, CM File Manager, CM Launcher 3D, Security Master, Battery Doctor, CM Locker, and Cheetah Keyboard. These Android apps have been downloaded more than 20 million times in the last 30 days, as per data from AppBrain analytical service. Google Play has itself promoted the CM Launcher 3D as one of the “go-to apps” for smartphone users.

The other app engaged in similar practice is Kika Keyboard. The app is said to be one of the most popular keyboards in the Play Store with over 60 million monthly users. Upon being about the fraud to Kika Tech CEO Bill Hu, said that the ad fraud took place “without the company’s full knowledge.”

He added that the company is internally investigating the issue and will “rectify the situation” in case “code has been placed inside our product”. Meanwhile, Cheetah Mobile also issued a statement to BuzzFeed News suggesting that third-party software development kits (SDKs) integrated into its apps were responsible for the click injection. “We request ads via SDK from these ad platforms and display their ads. We have no control over the behaviour of these SDKs,” the company was quoted as saying. However, Kochava as well as another analyst found Kika Tech’s proprietary software executes the click injection, not any third-party software.

Google told Buzzfeed News that it had not confirmed the presence of fraudulent tactics in the apps and instead sought more information from the two developers. On the other hand, Cheetah Mobile said it had voluntarily removed two of the apps – Battery Doctor and CM Locker Apps – from Google Play, though the former is already on back the App Store and the latter “will be re-launched very soon.”