Researchers from Upstream have found out that the malicious Android keyboard app threatens millions of Android users. The researchers mention that the app has generated 14 million transaction requests from thousands of users. Security researchers from the mobile technology firm Upstream have discovered this malware. The problem with the keyboard app is that it can steal the financial records of its users.
The keyboard app works in the background and requests users to generate premium third party services. Ai.type keyboard does not notify users about generating these requests. The app has been making unauthorised transactions and duping people of money.
Dimitris Maniatis, head of Secure-D at Upstream said, “Innocent users are paying for these hidden, unauthorised purchases and related data consumption whose source is buried in the app. Secure-D experts examined two Android devices with the ai.type app installed. They found subscription verification texts to premium digital services on both devices, confirming unwanted subscription sign-ups that occurred without any user intervention.”
Upstream researchers found out that the data of 14 million requests had suspicious transaction records. The researchers have blocked them with their Secure-D platform. These requests were made from 110,000 devices alone. Google removed a version of the app a few months ago, even then the keyboard app remains installed on millions of smartphones. Various third party app stores and websites continue to offer this app, which poses a potential risk for users.