Google Android keyboard app targets more than 40M users with unwanted charges: report

Have you checked your phone lately?

Researchers at mobile technology firm Upstream are warning millions of Google Android users to check their phones after it was revealed that an app hiding in plain sight was making upwards of $18 million of fraudulent charges.

The customizable on-screen keyboard app ai.type, previously available on Google Play, has been installed more than 40 million times. Developed by Israeli firm ai.type LTD, the app is disguised as a "free treat for mobile users."

Researchers say the rouge app is actually making millions of purchases of premium digital content without a user's knowledge.

"Malware can be responsible for creating millions of dollars of fraudulent mobile advertising revenue," Upstream CEO, Guy Krief, said. It seriously impacts consumers' pockets and mobile service experience by eating up their data, incurring unwanted charges, and affecting the performance of their phones."

Upstream works with mobile operators to proactively safeguard subscribers against fraud on mobile devices through their mobile security platform Secure-D.

To date, the firm has detected and blocked more than 14 million suspicious transaction requests from 110,000 devices that downloaded the ai.type keyboard. If these transactions were processed, researchers say they would have potentially cost users up to $18 million in unwanted charges.

MICROSOFT WINDOWS VULNERABLE TO 'WORMABLE' BLUEKEEP MALWARE, FEDS WARN

The app masks itself to spoof popular apps such as SoundCloud, Upstreams says. It was removed from Google Play in June 2019, but remains on millions of Android devices and is still available from third-party marketplaces.

GET FOX BUSINESS ON THE GO BY CLICKING HERE

The app has also been delivering millions of invisible ads and fake clicks, passing on user data about real views, clicks and purchases to ad networks, according to Upstream.

WHAT IS CYBER INSURANCE AND WHY YOUR BUSINESS NEEDS IT

Researchers from Upstream began an investigation after Secure-D identified the app's suspicious behavior which spanned 13 countries but was particularly high in Egypt and Brazil.

Google has not immediately responded to FOX Business' request for comment.

Researchers at Upstream are advising consumers to not only remove the app but check their bills for unwanted or unexpected charges. Consumers are also urged to regularly check their phones and remove any reported malware.

CLICK HERE TO READ MORE ON FOX BUSINESS