Popular ad blockers burned out in collecting personal data

Smartphone users often install applications that block ads and protect their data, but at the same time do not expect a trick from such programs. As it turned out, many of them should not be trusted at all.

Resource BuzzFeedNews conducted an investigation and found that a number of popular ad blockers and VPN services are closely related to the analytic company Sensor Tower. This company, or rather the platform it created, presents to many developers and other customers data on the audience and popularity of their products. However, this information must be taken from somewhere and journalists have identified one of the most likely ways.

It turned out that since 2015, Sensor Tower has in one way or another owned more than two dozen applications, including Free and Unlimited VPN, Luna VPN, Mobile Data, and Adblock Focus. These four programs until recently were available in the App Store and Play Market for devices running iOS and Android operating systems, respectively. A full list of suspicious applications is available on the publication’s Twitter account.

It is noteworthy that the connection between the analytical firm and these programs was hidden in every possible way, and it was discovered almost by accident. The author of the investigation was concerned about the large number of required permissions of one of the applications, studied its code and found a mention of authorship in it. Then he tracked the author on the GitHub developer portal and in his profile saw the place of work - Sensor Tower.

The company itself does not deny its connection with the programs, but they assure that no personal data is collected. However, the applications on the list require the installation of a root certificate, which provides third-party services with almost unlimited access to user traffic. Representatives of the Sensor Tower were also unable to tell the publication that it was precisely for the parameters in their interests that the indicated programs were being monitored.

Most of the suspicious applications have already been removed from Apple and Google’s stores, while others are undergoing additional internal investigations. It is worth noting that among cybersecurity experts there is a tacit standard for this kind of service - it should be paid. In this case, the creators of the program will not have to look for third-party ways to earn money to maintain the necessary hardware and software infrastructure. A similar approach is taken by the notorious Mozilla company, which is planning to launch its VPN soon.

Post a Comment