Google bans major Chinese app developer CooTek over ad malware

2 min read

Google has banned NYSE-listed Chinese app developer CooTek from its ad platforms and removed dozens of its apps from the Play store over violations of its advertising policies, Buzzfeed News reported. The Shanghai-based app developer was found to be using a malicious plug-in called BeiTaAd that bombards users with disruptive apps even after the company said it had stopped.

CooTek told TechNode Wednesday that it had fixed an “ad defect” in one of the monetization software development kits, or SDKs, integrated into their apps before Lookout reported the issue in June. The company disabled the malicious ad function in its product updates on May 23, and the apps that Lookout reported in its latest accusation re-used some of the same code frameworks found in the defective SDK. The company said that the codes do not trigger disruptive ads, but are “mainly for… normal functions” like nudges which remind users to drink water that can be turned off.

The company said it is communicating with Google to clarify the issue.

Why it matters: As concerns about data privacy and cybersecurity are on the rise, app fraud in the Asia-Pacific region continues to outpace global rates. Malicious advertising practices are not uncommon in China even among major developers as evidenced by CooTek, a large, US-listed Chinese app developer with hundreds of apps and users in 240 countries, according to its website.

  • The malware usually infects less popular apps and are relatively easy to catch, but plug-ins like BeiTaAd are becoming prevalent as they are well-hidden in apps that have large numbers of installs.
  • Google’s ban will have a significant impact on CooTek’s revenue as app development and monetization from ads are its core businesses.

“This week, Lookout [alleged] that 58 of the updated apps continued the same malicious ad activity. They claimed that ‘the BeiTaAd plug-in was gone, but the ads remained.’ However, this is NOT true. The fact is, our engineer re-used some of the code frameworks in the previous SDK in question. It didn’t re-activate any malicious ad activity.

Mina Luo, CooTek spokeswoman

Details: The malicious plug-in was discovered by San Francisco-based security firm Lookout in June. A total of 238 apps with more than 440 million installs were found infected with BeiTaAd in the Play store. All of the apps were developed by CooTek.

  • More than 60 of CooTek’s apps have been removed from the Play store. Lookout said that at least 58 of the updated apps contained old and new codes allowing malicious ad activities.
  • According to Lookout, the BeiTaAd plug-in displays pervasive ads to users even when the phone or the app is locked or not in use, which “render[s] the phones nearly unusable.”
  • After the initial allegation last month, the company claimed that it had updated its apps and removed the plugin causing malicious ad activity. But Lookout said aggressive ad activities persisted.

Context: CooTek is the second major Chinese developer to be blocked from Google’s platforms this year due to violation of advertising policies. The company is best known for its TouchPal keyboard app, which has accumulated more than 100 million installs.

  • In April, Google banned Chinese Android developer Do Global from its app store for committing ad fraud and hiding app ownership details from users. The app developer had more than a hundred apps in the Play store with 600 million installs.
  • Last year, Google removed popular apps by Chinese tech companies Cheetah Mobile and Kika Tech for engaging in malicious ad practices.