If there is one thing I despise in the world of Android, it is piracy and specifically Android sites that let you download paid apps, oftentimes for a monthly membership fee. Most Android developers are not large corporations, but rather independent, smalltime individuals to whom every download counts. Today's story, therefore, gives me added pleasure, because in it, pirates are implicated in one of the most embarrassing ways I can imagine.

An application, masking itself as a non-existent version of the paid app called Walk and Text, was uploaded to multiple pirate Android app markets across North America and Asia. This time, those who downloaded it for free and expected what users would normally get after paying $1.54 in the official Android Market, got a bit of a surprise. And boy, is it embarrassing!

After displaying a "Cracking..." dialog, which in reality just collects and sends out personal data (such as the name, phone number, IMEI, etc), the app sends out the following text message to all of the user's address book contacts:

Hey,just downlaoded a pirated App off the Internet, Walk and Text for Android. Im stupid and cheap,it costed only 1 buck.Don't steal like I did!

image

The text above, as you can see, is written in very broken English, either for added lulz or because pranksters don't have time to sit in a library all day (OK?). To finish the flustered user off, the app display the following dialog, using surprisingly much more proper English (thus making the SMS sent to all contacts that much more evil):

Application Not Licensed

We really hope you learned something from this. Check your phone bill ;) Oh and dont forget to buy the App from the Market

image

And this, my friends, is how you properly troll the pirates.

Oh, and enjoy the free advertising, Walk and Text. You deserved it (unless this was a genius marketing campaign, in which case I take it all back!).

Update: Incorporate Apps, the company behind the real Walk and Text reached out to us to let everyone know they are in no way approving of or related to the rogue app. Here is what they said (with some of my formatting changes for readability):

Hello,
We are a bit surprised about this publicity. We are the makers of the OFFICIAL Walk and Text app. We also received some questions whether we have anything to do with this file.

And the answer is NO, we do not!

This could very well be seen from the signature of the file (reported on some other forum) and from the code structure. Anyone, anywhere, can get a hold of our APK and rip it and put what they want in it.

Truth is our App got hacked 2 months ago 1 week after it was launched, we removed all of the files from the fileservers, DMCA reports and everything, took us 2 weeks. Then the hackers obviously decided to get back at us and put bad publicity on our side. This file is not to be found on public fileservers (not to our knowledge, email us if you find anything).

We only find the files on some Asian torrents (and rapidshare as google alerts reports). There is nothing we can do about this file.
please do not download files from outside the Market, or at least check the permissions.

Our OFFICIAL App doesn’t even ask for the Internet permission, how are we going to send private information anywhere?!?

With that said, the original blog posts come from 2 anti piracy companies, AVAST and Symantec. They even insisted that the file was found on the Android Market. Symantec quotes a copy of the License Verification Structure, LVL, to be something an official App has. Well yeah of course, if they rip our App, you will see LVL in there… I leave it to you to do the math and their integrity about this situation.

We were never contacted for a comment prior to their blog posts!

We are sorry to be involved and we did not ask for this publicity and once again have nothing to do with this!

Source: Symantec