Android users experience auto-opening URLs; deleting this app fixed it

I think it’s fair to say that Android users encounter more malware and rogue apps than iOS users. That’s not to say iOS can’t have problems; they are just less than Android. The main reason is that Android is a more open platform, while Apple sometimes tightens things up too much. I also think it’s fair to say that both ecosystems have their issues.

Users on the XDA forums recently set out to fix an annoying issue that some thought was malware. Their devices mysteriously started automatically opening URLs to the ertrogames.com domain. In any case, none of the URLs were requested by the user; they just opened in their default browser.

This type of behavior aligns with the conduct of malware. This is the conclusion that most users have come to. After a few days of troubleshooting and discussing the differences in devices and the apps they had installed, the community finally found the culprit.

Yoshino – Picture Collage Maker is a photo editing app with 500,000 downloads and a 5 star rating. Google Play has Yoshino’s data security listed as follows:

  • No data shared with third parties
  • This application may collect these types of data
  • Location, application information and performance, and device or other identifiers
  • Data is encrypted in transit
  • Data cannot be deleted

If you dig deeper and watch Yoshino on the Aurora Store (use at your own risk), you will find the following trackers in this Android application:

  • AppsFlyer
  • Facebook ID
  • ironSource
  • Facebook Ads
  • Facebook analysis
  • Adjust
  • Amazon Advertising
  • Unity 3D announcements
  • Mintegral
  • AppLovin (MAX and SparkLabs)
  • Google Ad Mob
  • IAB open measurement

Interestingly, Yoshino is listed as “no data shared with third parties on Google Play”. Looking at the list of trackers, many of them cannot work without data sharing. The URL auto-opening issue could be related to one of the advertising companies used by Yoshino. Sometimes ad placements can be used as malware and bypass the advertising agency and developer to the application. This does not make the app malicious, but it has the potential to carry malware via third-party advertisement.

Hopefully these users will contact Yoshino with the issue and they can fix it. For now, if you are facing this issue, you should remove the app from your Android device and wait for a fix.

What do you think? Did you have this problem? Please share your thoughts on one of the social media pages listed below. You can also comment on our Page MeWe by joining the MeWe social network. Be sure to subscribe to our TO SCOLD channel too!

Hats off to Mark Stronge for alerting us to this story.

Last updated September 10, 2022.

whats up app google malware collage maker-min

Comments are closed.