Popular File-Storage Android App Caught Using Adware Campaign and Making Purchases Without User Consent

4shared is one of the most popular media-sharing Android apps with more than 100+ million installs in Google Play store. Recently, Security researchers revealed that the app is secretly displaying invisible ads and without user consent and subscribes them to paid services, collectively costing millions of dollars. Users are not aware of the issue because this app operates these kinds of activities in the background, displaying everything normal on the screen.

How this app operates

Researchers say that the app contains a suspicious third-party code that allowed the app to automate clicks and to make purchases without user consent. A component built by Hong Kong-based Elephant Data downloads the code which is responsible for generating automated clicks without the user’s knowledge. The code also sets a cookie to determine if the device has previously been used to make a purchase. The code also makes the web addresses unclear to hide its suspicious activity.

Suspicious activities over the past few weeks

The Upstream System blocked more than 114 million suspicious transactions from two million unique devices over the past weeks. Upstream only has visibility in certain parts of the world - Brazil, Indonesia, and Malaysia, this is only a fraction of the suspicious transactions observed.

Suspicious activities of 4shared App

In mid- April, the 4shared app suddenly disappeared from Google play and it was replaced with a near-identical app with all the suspicious components removed. The 4shared app has more than 10 million users.

Irin Len from 4shared stated that the company was unaware of the ad activity in its app until people reached out; he also confirmed that the company no longer works with Elephant Data anymore.


4shared briefly stated that the Elephant data is affecting its privacy policy but doesn’t explain what the service does. They are unable to update the previous version because the Google Play Store removed the app forcing him to submit an entirely new version of the app.

Criticism from its users

After the release of the suspicious activity of 4shared app, the firm has drawn criticism in various threads on Reddit, some of them calling the company “scam” and others naming it “dodgy”.

Bottom Line

We don’t know that 4shared did this malicious activity willingly or it was performed without their knowledge. This app will still be collecting data from its old users as long as they don’t update their apps. It is up to the people now to save themselves from such attack by removing this app from their phones.



Read next: Are iOS app developers earning more than Android devs?
Previous Post Next Post