Security researchers have issued an alert to Ai.type, an third-party Android keyboard app that has been found to steal millions of unauthorized purchases of premium digital content.
The results – revealed by mobile technology company Upstream – reveal that the app has been downloaded over 40 million times. The problem is that it is still active on millions of devices so far, though it was removed from the Google Play Store in June.
In addition, Ai.type provides invisible ads and generates false clicks, while requiring in-depth permissions to use the application ̵
'Ai.type does some of its business by hiding itself under other identities, including by disguising itself as a scam for popular applications such as Soundcloud. The app's tricks also included a jump in suspicious activity after it was removed from the Google Play Store, "the researchers say.
In total, Upstream has detected 14 million suspicious transaction requests from 110,000 unique devices that downloaded the Ai.type keyboard, leading the company to block attempts.
If these transactions were not discovered and blocked, the application could potentially cost victims $ 18 million in unwanted fees, researchers say.
Although suspicious activity has been reported from 13 countries, the rates are significantly higher in Egypt and Brazil.
The fact that the Android app removed from Google Play continues to be a source of adware addresses the growing content challenges of malware-infected apps in Android third-party markets. It is worth noting that the app is still available on the Apple App Store.
Over the last few months, it has been discovered that the official iOS and Android app stores have several applications that commit fraud.
Ai.type, for its part, suffered from a security incident after the personal data of more than 31 million users leaked online in 2017. Moreover, it was caught sending data by keystrokes to its users. your servers in unnoticeable text in 2011.  As always, the same security hygiene rules apply: stick to the Play Store for downloading apps and avoid side-loading from other sources, and most importantly – look at any permission that application from required before installation.