November was a super challenging month for Malloc. The five most important antivirus companies identified the Malloc Android app as spyware; the exact opposite from what the app really is. A misjudgement, based on false indicators. The conventional antivirus companies have now whitelisted the app, but they raised concerns affected significantly our user’s trust. What happened and how we handled this situation, all provided in this post.
Imagine waking up one day, and receiving emails from your users and reviews on Google Play store, accusing your app to be stalkerware, trojan, spyware and all sorts of malicious technologies that exist you can imagine. Well, this happened to Malloc, and you can only imagine our frustration. Some users shared their concerns by emailing us, others published bad reviews, and a lot of the users (mostly new) uninstalled the app.
Malloc was created with one single goal — to help people regain their privacy. We created Malloc, to give control to users over what is happening on their devices, to enable them to see who collects their data and give them the power to stop it.
The Malloc app detects spyware and allows users to check where their data are being sent and block data collected by ads, spyware, crypto-mining, by passing users’ traffic through secure VPN servers. There is a strict no-logs policy in place and data exist only on the user’s device.
You can imagine how we felt when we, Malloc, was accused of being a spyware. It is a horrible, horrible feeling . If you ever find yourself in this unfortunate position or when have all your competitors against you, here are the steps we have taken to overcome this, and you may find useful!
1. Reassure users and mobilise them. Keep communicating with users,
talk openily regarding the issue and your progress to resolve it. Mobilise users, ask users to contact and
urge the companies to whitelist the app.
2.Address the issue the fast way. Contact the companies, explain them that your app is not spyware
and provide evidence to support your claims.
3.Understand, and solve the issue so it never happens again. Understand what triggered the false
alarm in the first place and solve it.
It took us almost 2 weeks to get whitelisted by all antivirus companies that have been tagging Malloc. We had to identify all the companies, contact and provide them with evidence for their false accusations. After multiple back and forth emails, one of the companies reached out explaining that what triggered the false alarm was a simple list of spyware domains that we had in the app in order to check on the device for specific apps.
So, Let me explain. Malloc detects the presence of spyware such as Pegasus or Predator based on indicators. Those indicators have been compiled by the Amnesty International after analyzing thousands of affected phones. The indicators include files created, processes running on the device, and domains that these spyware communicate and send data to. To enable the faster and offline detection of spyware, we kept a list of those indicators in the Malloc app — a list that names the spyware and the indicators that we have been checking for. When antivirus scanned the app and detected the list, automatically assumed that the app is spyware, just because there was a file with the spyware indicators. Not only they assumed that it was a spyware, but also charged us with all the illegal activities of the spyware, which was clearly a false statement. The antivirus claimed that the app uses permissions to access camera and microphone and record users actions, when clearly it does not ask for such permissions.
Having the names of spyware in your app, triggered the reaction of the antivirus, even if we used it to detect and block spyware — we have since encoded all references to spyware, to avoid such misjudgements.
It was an incredibly challenging month for Malloc, and you can imagine how discussing with your competitors about their mistreat is. Good news is, the misunderstanding is now resolved and Malloc triggers no alarms.
Malloc will continue its fight against spyware and we are fully focused on helping users to detect spyware, block ads and data trackers, and protect their data.
For anyone who needs to get an app whitelisted I am adding the contacts/links below 😊
Whitelisting links/contact emails:
- Avast:https://support.avast.com/en-ww/article/160?option=ftpwhitelisting#mac
- AVG: https://support.avg.com/SupportArticleView?l=en&urlName=AVG-FTP-file-upload&supportType=home
- ESET: whitelist@eset.sk
- LookOut: support@lookout.com
Published on Medium
