Be very careful with the apps from the developer “Yobi Mobi”: there is evidence that they are “hijacking” the devices of thousands of people.
From time to time we have to report on malware-infected apps that threaten the security of Android users. However, on very few occasions we come across apps that, despite pose a great risk for owners of Android devices, are available on the Google Play Store available to (almost) everyone, and that over the last few years have been accumulating downloads up to add figures that are already counted in millions. And today is one of those days.
A user of Reddit with username RxFaction has alerted about a discovery made after several years working in the telephone industry. Alert that, over the past few months, he has found hundreds of devices affected by the malpractices of a developer known as “Yobi Mobi”whose applications would be violating Google Play Store policies.
Said applications They are distributed in countries such as Mexico and the United States, but they are not available in Europe. However, it is possible that your same techniques are used by other developers with the aim of “to kidnap” their victims’ devices and profit at their expense.
Millions of downloads on Google Play and a peculiar technique to “hijack” your mobile
The aforementioned user points out that the apps in question are Email Home, Weather Home, Messenger Home and Bible Home, among other. At the moment, Email Home is in the fourth position of the top most downloaded apps in Mexico in the “Personalization” category.
They all come from the same developer account, Yobi Mobi*, whose parent company appears to be ReachMobi. Very similar operating techniques have been discovered in all applications.
After being installed on the victim’s device, the app sends a notification that simulates an Android security notice, urging the user to select your app as system default launcher.
If the user accepts this notice, the app is hidden from the app drawer to prevent the user from discovering it and deciding to uninstall it. Later, floods the quick settings menu and notification panel with adsin addition to beginning use a large amount of CPU and memory resources in the backgroundconsiderably raising the temperature of the device, slowing down its operation and draining its battery quickly.
Apart from all of the above, the user suggests that Yobi Mobi apps plagiarize Google when using icons and graphic elements of the browser company, for example in a search bar similar to Google, which is actually based on a completely different search engine. He also speculates that apps are able to force installation of other appssuch as “memory cleaners” and “optimizers”.
Several users have come across devices with the same problems caused by “Yobi Mobi” applications from over a year ago. Unfortunately, despite repeated warnings, Google seems to ignore and proceed without removing the apps from the store or deleting the developer account.
So you can protect yourself from these types of techniques
Knowing cases like this, it is evident that Google Play Store is not a 100% secure platformand that its security measures are not entirely foolproof.
Therefore, it is up to the user. act prudently and avoid, whenever possible, avoid downloading apps from unrecognized developersor find out beforehand about the apps that you want to download on the devices.
Also, it is highly recommended do not grant advanced permissions to apps that are installed in the terminals, unless they are completely essential for their operation, or it is clearly explained what said privileges will be used for.