This popular Android video editing app turned out to be a scam

Man looking at smartphone
(Image credit: Shutterstock)

As TikTok, Instagram and other video sharing apps have become increasingly popular, more users have turned to free video editing software to edit their content. 

However, new research from Secure-D's anti-fraud platform Upstream has revealed that over 20m suspicious transaction requests, that could have cost users more than $27m in unauthorized premium charges, came from the popular Android video editing app VivaVideo.

In its new report, Secure-D revealed that VivaVideo, which has over 100m reported downloads, has been attempting to sign up users for premium subscriptions while delivering invisible ads to users to generate fake clicks.

Over one million devices have been affected across 19 countries including Indonesia, Egypt, Thailand, Russian and the UK but users in Brazil could have been hit the hardest with more than 11.5m fraudulent transaction attempts originating from the app. Had Secure-D not blocked these fraudulent transactions, Brazilian users could have been charged $10.3m for services and subscriptions they didn't purchase.

The popular app currently sits at 11th place in Secure-D's Mobile Malware Index but in the past it has topped the list prompting further investigation from the anti-fraud firm. Its latest report sheds new light on the scale and extent of mobile ad fraud and suspicious transaction requests in VivaVideo.

Suspicious transaction requests

While testing VivaVideo in the Secure-D lab on a genuine user's device, the app was repeatedly caught trying to make fraudulent transactions which were all blocked by the anti-fraud firm. To make matters worse, some of the click and purchase attempts via fake, invisible ads actually occurred with the device was unattended. However, if they had been successful, the advertiser would have paid out a commission to the affiliate who in turn would have paid the scammer responsible for the fraud.

During its investigation, Secure-D also found code snippets within the app that check to see if monitoring software is installed on a user's device. All suspicious background activity came to a stop when a monitoring app was installed and this shows how the tactics used by fraudsters are continually evolving.

Although the latest version of the VivaVideo has displayed no malicious behavior, older versions of the app are known to contain the Batmobi SDK which Google has now banned. For this reason, it is highly recommended that VivaVideo users head to the Google Play Store and update to the latest version as soon as possible.

Additionally, Secure-D recommends that users check app reviews on the Play Store and online, review developer details and assess their credibility and read the list of requested permissions before installing any new apps on their devices.

Anthony Spadafora

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.