For a long time, the Play Store could be considered a wild west of app distribution, especially when compared to Apple's inherently more restrictive App Store. However, Google is working on improvements and is becoming stricter, including for app permissions. Nevertheless, we are again in the store with a new ad fraud program in the footsteps of last year's Cheetah Mobile investigation. Another Chinese app developer, DO Global, is said to have included code in their apps that automatically clicks ads without the users' knowledge.

BuzzFeed News unveiled these results in collaboration with security researchers Check Point and Method Media Intelligence. They found that the app developer in question was a spin-off of Chinese giant Baidu, who became independent only last year. The apps reached more than 90 million downloads before Google deleted the entries.

DO Global's products are primarily sketchy. They replicate all system functions such as camera and flashlight or promise to clean up the phone to make it faster, which often slows down the phones. But see for yourself, these are the six remote apps: Selfie Camera, Total Cleaner, Smart Cooler, RAM Master, AIO Flashlight, and Omni Cleaner.

There are two parts of this scam. First, DO Global was not listed as a developer for most of these apps, but instead used a US parent company for publication on the Play Store. This makes users believe that they are installing an American product. This is of course against the policies of Google. Second, the apps have been programmed to automatically click on ads and steal money from advertisers who are not receiving real user interaction with their offers. Because this was done in the background while the screen was off, users may have had worse battery life and unexpected data bills.

BuzzFeed News also mentions that many apps in the Play Store abuse permissions and non-transparent privacy policies to suck users' personal information, but they do not point to specific apps or developers.

We can only hope that Google will continue to take more control of the Play Store and in fact force app developers to enforce its customer protection policies. The company has already started to do so by requesting higher target APIs and examining phone and SMS permissions more closely.