Mobdro Rejects Digital Citizens Alliance Accusations of Malware Propagation

In April 2019, Digital Citizens Alliance (DCA) issued a study in which it claims that the Android free streaming application Mobdro is actively infecting its users with malware. DCA claims that the malware threats propagated by Mobdro infiltrate home WiFi networks and steal large amounts of sensitive data which is then sent to shady remote servers. Critics of the study express doubt regarding these claims though, pointing out that the organization may not have conducted profound research particularly on the original Mobdro application as it is focused mainly on general consumer safety and online piracy.

The developers of Mobdro themselves have also responded to the study, denying the accusations of malware propagation completely and arguing that DCA is just drawing general conclusions based on the type of service that the app provides. Mobdro operators imply that DCA’s report has not been completed with the required responsibility and that it contains unfounded allegations and no solid proof of the claims.

The company declares that its app is by no means trying to steal WiFi passwords or attempt to access any other storage devices connected to the same network. An argument in their favor is the fact that Mobdro does not require the user to allow root access, which would be necessary if the app were to access such sensitive data. On the contrary, Mobdro only asks the user to permit access to external storage for saving software updates, to be used as a memory for casting services, or to download streams.

But if there is nothing to worry about and Mobdro is completely safe, how does DCA come to the conclusion that the streaming app might risk user privacy? Mobdro creators have an explanation for these findings - they claim that the consumer safety organization has used for its analysis samples of malicious clones of Mobdro that have been modified by third parties. The team has been aware of the existence of such corrupted Mobdro versions and has been working on solving that problem for quite some time. A clear indication that a user has a tampered Mobdro version on their device is, for example, the presence of the "Frida toolkit."

For now, anti-malware companies have not issued any malware warnings or noticed any other suspicious activities related to the Mobdro applications. Users will have to wait and see whether DCA will publish any hard evidence of its claims.