Android app market pirates busted by FBI

Filed Under: Android, Featured, Google, Malware

Trouble with law enforcement started back in 2012 for the three alternative Android app markets.

Back in August 2012, websites called snappzmarket​.com, appbucket​.net and applanet​.net went off the air in a takedown that the Federal Bureau of Investigation (FBI) refers to as "the first time website domains involving mobile device app marketplaces [were] seized."

Fast forward nearly two years, and things just got a lot worse for several of the alleged operators of those sites.

According to the FBI, Messrs Taylor, Walton, Sharp, Blocker, Buckley and Lee have recently been charged with criminal offences relating to Android app piracy.

We're not talking about a couple of dodgy apps on your phone here.

The allegations claim that the accused served up more than 5,000,000 copies of other people's Android apps, without bothering to ask permission first, and without bothering to pay up the fees that the apps' authors would have collected by selling their apps on legitimate markets.

(The FBI doesn't identify those legitimate markets, but it's reasonable to assume that the Google Play Store is one.)

Four others connected with the piracy operation, Messrs Peterson, Dye, Narbone and Pace, were charged earlier in 2014 and pleaded guilty.

The piracy allegations relate to the period from August 2010 to the shutdown in August 2012, which means more than 5,000,000 downloads in just two years.

That works out at close to five Android users every minute who couldn't resist the chance to avoid paying the typically modest price of a popular paid Android app by going "off market."

Piracy and malware

The charges relate only to crimes involving intellectual property, such as copyright, so there's no suggestion that the accused were running a malware dissemination racket at the same time.

So we're not going to trot out the usual line that you should be careful of pirated apps in case you get infected.

We'll ask you to avoid pirated apps because you jolly well know that you ought to be paying for them, or choosing legal free alternatives instead.

And, having said that, we are going to trot out the "be careful" line, after all.

For all that there are many reputable apps to be had in many reputable non-Google app markets, you should assume that anyone who cares little enough about an app's creator to rip him off probably doesn't care terribly much about you, either.

After all, an app pirate can't take a cut of the revenue from a paid app that he's just "sold" you for nothing, so it's worth bearing in mind that he might try to load up your "free" apps with what you might euphemistically call bonus content.

In fact, even free apps from the Play Store, rebundled into free apps on alternative markets, may contain unwanted surprises.

From Angry Birds to Flappy Bird, and from Instagram to Zelda, wandering into unregulated and poorly-secured alternative Android markets can be a recipe for trouble.

What to do?

Our suggestions:

  • Stick to Google's Play Store as far as you can.
  • Don't be tempted by free versions of apps that are supposed to cost money.
  • Watch out for "alternative" versions of apps that are already free.
  • Consider using an anti-virus and app reputation advisor on your Android.

And, if you're thinking to yourself, "But you guys *would* say that," then...

...yes!

We would, and we just did!

Click to get Sophos Anti-Virus for Android...

Image of pirate, arrr! courtesy of Shutterstock.

, , , ,

You might like

4 Responses to Android app market pirates busted by FBI

  1. MikeP_UK · 98 days ago

    While you're correct in warning us to be careful witrh such sources, there are others that can be risky.
    There are many 'download' websites and some are very well known, but many seem to 'bundle' unannounced 'bonus software' in with the item you actually want. So you have to be very careful about where you download from and to be very, very careful to watch out for 'foistware' bundled in with what you really wanted- which means monitoring the installer *all* the time it is running! Some of these 'foistware' items are well known products, such as Google Chrome, but that's not what you wanted in the first instance - so it is being 'foisted' on you and you have to refuse/reject the offer and make sure you 'untick' the selection and to 'untick' what I call the 'let us hijack your home page' tick box.
    Even some big names in the software industry try to foist unwanted software on you and some of what is being offered is not actually free - or else it's an old version or it's not very good anyway!
    My advice is to always assume 'they' want to foist unwanted junk on you and you have to be very wary to avoid getting caught out. Else you might find it difficult to find you own homepage again!

  2. Jim · 98 days ago

    I'm wondering.....are there big bottom-line profits in peddling unwanted toolbars? Adobe, CNET, Oracle......I avoid CNET downloads, no exceptions.

    • Mang · 84 days ago

      I recall reading that they are paid per install. Can't remember where, it may well have been here, in one of those links!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Paul Ducklin is a passionate security proselytiser. (That's like an evangelist, but more so!) He lives and breathes computer security, and would be happy for you to do so, too. Paul won the inaugural AusCERT Director's Award for Individual Excellence in Computer Security in 2009. Follow him on Twitter: @duckblog