Monthly Archives: November 2019

Car Blind Spots solved by 14  year old by projecting live camera feed onto pillars blocking view

Posted on by

Using some relatively inexpensive and readily available technology you can find at any well-stocked electronics store, Alaina Gassler, a 14-year-old inventor from West Grove, Pennsylvania, came up with a clever way to eliminate the blind spot created by the thick pillars on the side of a car’s windshield.

[…]

Her solution involves installing an outward-facing webcam on the outside of a vehicle’s windshield pillar, and then projecting a live feed from that camera onto the inside of that pillar. Custom 3D-printed parts allowed her to perfectly align the projected image so that it seamlessly blends with what a driver sees through the passenger window and the windshield, essentially making the pillar invisible.

Her invention was part of a project called “Improving Automobile Safety by Removing Blind Spots,” which Gassler presented at this year’s Society for Science and the Public’s Broadcom MASTERS (Math, Applied Science, Technology, and Engineering for Rising Stars) science and engineering competition.

Source: 14-Year-Old Genius Alaina Gassler Solves Car Blind Spots

NordVPN users’ passwords exposed in mass credential-stuffing attacks

Posted on by

As many as 2,000 users of NordVPN, the virtual private network service that recently disclosed a server hack that leaked crypto keys, have fallen victim to credential-stuffing attacks that allow unauthorized access to their accounts.

In recent weeks, credentials for NordVPN users have circulated on Pastebin and other online forums. They contain the email addresses, plain-text passwords, and expiration dates associated with NordVPN user accounts.

I received a list of 753 credentials on Thursday and polled a small sample of users. The passwords listed for all but one were still in use. The one user who had changed their password did so after receiving an unrequested password reset email. It would appear someone who gained unauthorized access was trying to take over the account. Several other people said their accounts had been accessed by unauthorized people.

Over the past week, breach notification service Have I Been Pwned has reported at least 10 lists of NordVPN credentials similar to the one I obtained.

Enlarge
Have I Been Pwned

While it’s likely that some accounts are listed in multiple lists, the number of user accounts easily tops 2,000. What’s more, a large number of the email addresses in the list I received weren’t indexed at all by Have I Been Pwned, indicating that some compromised credentials are still leaking into public view. Most of the Web pages that host these credentials have been taken down, but at the time this post was going live, at least one remained available on Pastebin, despite the fact Ars brought it to NordVPN’s attention more than 17 hours earlier.

Without exception, all of the plain-text passwords are weak. In some cases, they’re the string of characters to the left of the @ sign in the email address. In other cases, they’re words found in most dictionaries. Others appear to be surnames, sometimes with two or three numbers tacked onto the end. These common traits mean that the most likely way these passwords became public is through credential stuffing. That’s the term for attacks that take credentials divulged in one leak to break into other accounts that use the same username and password. Attackers typically use automated scripts to carry out these attacks.

Source: NordVPN users’ passwords exposed in mass credential-stuffing attacks | Ars Technica

13 year old thinks up New Hyperloop design, builds on existing rail infrastructure

Posted on by
Crouchley’s idea, which just won second place in the annual 3M Young Scientist Challenge, is to build pneumatic tubes next to existing train tracks.
Magnetic shuttles would travel through these vacuum tubes, connected via magnetic arm to trains traveling on the existing tracks.
This system would utilize current train tracks, thereby cutting infrastructure costs and, Crouchley says, eradicating the potential safety risk posed by propelling passengers in a vacuum.
There’d be no need for trains to use diesel or electric motors, making the trains lighter and more fuel-efficient.
This is important to Crouchley, who aims to devise active solutions to the climate crisis.
“I pinpointed transportation as something I wanted to work on because if we can make trains more efficient, then we can eliminate the amount of cars, trucks and buses on the road,” Crouchley tells CNN Travel.

Real world inspiration

Caroline-Crouchley-Hyperloop2
[…]
“Hyperloop is very high risk,” says Crouchley.
“My design can be less expensive and more efficient than current train technology that’s out there already. It’s also safer than Hyperloop.
My design can rely on 100% renewable energy, so it eliminates the need for a diesel engine or an electric motor, which makes the train lighter, so it can move faster.”

Source: New Hyperloop design comes from the mind of a 13-year-old scientist | CNN Travel

Google Sidewalk Labs document reveals company’s early vision for big brother city in city with private tax powers, criminal justice and huge personal data slurp based on a social credit system

Posted on by

A confidential Sidewalk Labs document from 2016 lays out the founding vision of the Google-affiliated development company, which included having the power to levy its own property taxes, track and predict people’s movements and control some public services.

The document, which The Globe and Mail has seen, also describes how people living in a Sidewalk community would interact with and have access to the space around them – an experience based, in part, on how much data they’re willing to share, and which could ultimately be used to reward people for “good behaviour.”

Known internally as the “yellow book,” the document was designed as a pitch book for the company, and predates Sidewalk’s relationship and formal agreements with Toronto by more than a year. Peppered with references to Disney theme parks and noted futurist Buckminster Fuller, it says Sidewalk intended to “overcome cynicism about the future.”

But the 437-page book documents how much private control of city services and city life Google parent company Alphabet Inc.’s leadership envisioned when it created the company,

[…]

“The ideas contained in this 2016 internal paper represent the result of a wide-ranging brainstorming process very early in the company’s history,” Sidewalk spokesperson Keerthana Rang said. “Many, if not most, of the ideas it contains were never under consideration for Toronto or discussed with Waterfront Toronto and governments. The ideas that we are actually proposing – which we believe will achieve a new model of inclusive urban growth that makes housing more affordable for families, creates new jobs for residents, and sets a new standard for a healthier planet – can all be found at sidewalktoronto.ca.”

[…]

To carry out its vision and planned services, the book states Sidewalk wanted to control its area much like Disney World does in Florida, where in the 1960s it “persuaded the legislature of the need for extraordinary exceptions.” This could include granting Sidewalk taxation powers. “Sidewalk will require tax and financing authority to finance and provide services, including the ability to impose, capture and reinvest property taxes,” the book said. The company would also create and control its own public services, including charter schools, special transit systems and a private road infrastructure.

Sidewalk’s early data-driven vision also extended to public safety and criminal justice.

The book mentions both the data-collection opportunities for police forces (Sidewalk notes it would ask for local policing powers similar to those granted to universities) and the possibility of “an alternative approach to jail,” using data from so-called “root-cause assessment tools.” This would guide officials in determining a response when someone is arrested, such as sending someone to a substance abuse centre. The overall criminal justice system and policing of serious crimes and emergencies would be “likely to remain within the purview of the host government’s police department,” however.

Data collection plays a central role throughout the book. Early on, the company notes that a Sidewalk neighbourhood would collect real-time position data “for all entities” – including people. The company would also collect a “historical record of where things have been” and “about where they are going.” Furthermore, unique data identifiers would be generated for “every person, business or object registered in the district,” helping devices communicate with each other.

There would be a quid pro quo to sharing more data with Sidewalk, however. The document describes a tiered level of services, where people willing to share data can access certain perks and privileges not available to others. Sidewalk visitors and residents would be “encouraged to add data about themselves and connect their accounts, either to take advantage of premium services like unlimited wireless connectivity or to make interactions in the district easier,” it says.

Shoshana Zuboff, the Harvard University professor emerita whose book The Age of Surveillance Capitalism investigates the way Alphabet and other big-tech companies are reshaping the world, called the document’s revelations “damning.” The community Alphabet sought to build when it launched Sidewalk Labs, she said, was like a “for-profit China” that would “use digital infrastructure to modify and direct social and political behaviour.”

While Sidewalk has since moved away from many of the details in its book, Prof. Zuboff contends that Alphabet tends to “say what needs be said to achieve commercial objectives, while specifically camouflaging their actual corporate strategy.”

[…]

hose choosing to remain anonymous would not be able to access all of the area’s services: Automated taxi services would not be available to anonymous users, and some merchants might be unable to accept cash, the book warns.

The document also describes reputation tools that would lead to a “new currency for community co-operation,” effectively establishing a social credit system. Sidewalk could use these tools to “hold people or businesses accountable” while rewarding good behaviour, such as by rewarding a business’s good customer service with an easier or cheaper renewal process on its licence.

This “accountability system based on personal identity” could also be used to make financial decisions.

“A borrower’s stellar record of past consumer behaviour could make a lender, for instance, more likely to back a risky transaction, perhaps with the interest rates influenced by digital reputation ratings,” it says.

The company wrote that it would own many of the sensors it deployed in the community, foreshadowing a battle over data control that has loomed over the Toronto project.

Source: Sidewalk Labs document reveals company’s early vision for data collection, tax powers, criminal justice – The Globe and Mail

xHelper Android Malware Can Survive a Factory Reset

Posted on by

Though this somewhat-new “xHelper” malware has affected a low number of Android users so far (around 45,000, estimates Symantec), the fact that nobody has any clear advice on how to remove it is a worrisome fact. While the odds are good that you won’t get hit with this malware, given its low installation rate so far—even though it’s been active since March—you should still know what it does and how to (hopefully) avoid it.

As Malwarebytes describes, xHelper starts by concealing itself as a regular app by spoofing legitimate apps’ package names. Once it’s on your device, you’re either stuck with a “semi-stealth” version, which drops an xHelper icon blatantly in your notifications—but no app or shortcut icons—or a “full-stealth” version, which you’ll only notice if you visit Settings > Apps & notifications > App Info (or whatever the navigation is on your specific Android device) and scroll down to see the installed “xHelper” app.

What does xHelper do?

Thankfully, xHelper isn’t destructive malware in the sense that it’s not recording your passwords, credit card data, or anything else you’re doing on your device and sending it off to some unknown attacker. Instead, it simply spams you with pop-up advertisements on your device and annoying notifications that all try to get you to install more apps from Google Play—presumably how the xHelper’s authors are making cash from the malware.

The dark side, as reported by ZDNet, is that xHelper can allegedly download and install apps on your behalf. It doesn’t appear to be doing so at the moment, but if this were to happen—coupled with the app’s mysterious ability to persist past uninstallations and factory resets—would be a huge backdoor for anyone affected by the malware.

Wait, I can’t uninstall it?

Yep. This is the insidious part of xHelper. Neither Symantec nor Malwarebytes have any good recommendations for getting this malware off your device once it’s installed, as the mechanisms it uses to persist past a full factory reset of your device are unknown.

Source: This New Android Malware Can Survive a Factory Reset

New Battery Design Can Charge an Electric Car in 10 Minutes

Posted on by

A new lithium-ion battery design makes it possible for electric vehicle drivers to charge their cars and hit the road in as little as ten minutes, according to a new study.

The quick charge gives drivers up to 200 miles per ten minute charge while maintaining 2,500 charging cycles, the researchers behind the study say. That is equivalent to over half a million miles throughout the battery’s life, a press release notes. All that happens in the time it takes you to brew a morning coffee.

Researchers say that this design could finally make electric vehicles a viable competitor for traditional vehicles. “Range anxiety” is the fear of being stranded if your electric vehicle runs out of charge which has been a common barrier to adoption for many drivers.

In the study, published on Wednesday in Joule, researchers from Penn State University describe an asymmetric approach to fast-charging batteries that mitigates the effects of natural degradation of the lithium-ion batteries. This is achieved by quickly charging at a high temperature and then storing the charge more slowly at a cooler temperature. The researchers found that this approach allowed the batteries to avoid performance loss usually created from “battery plaque,” called lithium plating or solid-electrolyte-interphase (SEI) growth, which typically grows on batteries over time when exposed to heat.

[…]

In order to charge your car in just ten minutes with these new batteries in the future though, you might have to buy a new car or at least replace the battery.

“[The car] would require a new battery with our internal heating structure built in,” Chao-Yang Wang, coauthor of the study and director of the Electrochemical Engine Center at Penn State, said in an email.

Source: New Battery Design Can Charge an Electric Car in 10 Minutes – VICE

AFAIC please get the aluminium/air batteries commercialised ASAP!

‘Nearly All’ Counter-Strike Microtransactions Are Being Used for Money Laundering

Posted on by

Counter-Strike: Global Offensive players will no longer be able to trade container keys between accounts because the trade was part of a massive worldwide fraud network. Players earned cases in Counter-Strike containing weapons and cosmetic upgrades, but had to purchase the keys to open the boxes. Developer Valve runs an internal marketplace on Steam where it allowed players to trade the boxes and the keys. Valve patched the game on October 28 and explained the problem in its patch notes.

“In the past, most key trades we observed were between legitimate customers,” the statement said. “However, worldwide fraud networks have recently shifted to using CS:GO keys to liquidate their gains. At this point, nearly all key purchases that end up being traded or sold on the marketplace are believed to be fraud-sourced.”

This isn’t the first time Counter-Strike’s microtransactions were at the center of fraud. In September, 2017, the Federal Trade Commission settled with two YouTubers who ran popular websites that allowed fans to gamble their Counter-Strike skins. The influencers advertised the gambling site to fans on YouTube with video titles like HOW TO WIN $13,000 IN 5 MINUTES CS GO Betting without disclosing that they owned it.

Source: ‘Nearly All’ Counter-Strike Microtransactions Are Being Used for Money Laundering – VICE

Facebook ends appeal against ICO Cambridge Analytica micro-fine: Doesn’t admit liability, gives away £500k

Posted on by

Facebook has ended its appeal against the UK Information Commissioner’s Office and will pay the outstanding £500,000 fine for breaches of data protection law relating to the Cambridge Analytica scandal.

Prior to today’s announcement, the social network had been appealing against the fine, alleging bias and requesting access to ICO documents related to the regulator’s decision making. The ICO, in turn, was appealing a decision that it should hand over these documents.

The issue for the watchdog was the misuse of UK citizens’ Facebook profile information, specifically the harvesting and subsequent sale of data scraped from their profiles to Cambridge Analytica, the controversial British consulting firm used by US prez Donald Trump’s election campaign.

The app that collected the data was “thisisyourdigitallife”, created by Cambridge developer Aleksandr Kogan. It hoovered up Facebook users’ profiles, dates of birth, current city, photos in which those users were tagged, pages they had liked, posts on their timeline, friends’ lists, email addresses and the content of Facebook messages. The data was then processed in order to create a personality profile of the user.

“Given the way our platform worked at the time,” Zuck has said, “this meant Kogan was able to access tens of millions of their friends’ data”. Facebook has always claimed it learned of the data misuse from news reports, though this has been disputed.

Both sides will now end the legal fight and Facebook will pay the ICO a fine but make no admission of liability or guilt. The money is not kept by the data protection watchdog but goes to the Treasury consolidated fund and both sides will pay their own costs. The ICO spent an eye-watering £2.5m on the Facebook probe.

Source: Facebook ends appeal against ICO micro-fine: Admit liability? Never. But you can have £500k • The Register

GitLab pulls U-turn on plan to crank up usage telemetry after both staff and customers cry foul

Posted on by

VP of product Scott Williamson announced on 10 October that “to make GitLab better faster, we need more data on how users are using GitLab”.

GitLab is a web application that runs on Linux, with options for self-hosting or using the company’s cloud service. It is open source, with both free and licensed editions.

Williamson said that while nothing was changing with the free self-hosted Community Edition, the hosted and licensed products would all now “include additional JavaScript snippets (both open source and proprietary) that will interact with both GitLab and possibly third-party SaaS telemetry services (we will be using Pendo)”. The only opt-out was to be support for the Do Not Track browser mechanism.

GitLab customers and even some staff were not pleased. For example, Yorick Peterse, a GitLab staff developer, said telemetry should be opt-in and that the requisite update to the terms of service would break some API usage (because bots do not know how to accept terms of service), adding: “We have plenty of customers who would not be able to use GitLab if it starts tracking data for on-premises installations.”

There is more background in the issue here, which concerns adding the identity of the user to the Snowplow analytics service used by GitLab.

“This effectively changes our Snowplow integration from being an anonymous aggregated thing to a thing that tracks user interaction,” engineering manager Lukas Eipert said back in July. “Ethically, I have problems with this and legally this could have a big impact privacy wise (GDPR). I hereby declare my highest degree of objection to this change that I can humanly express.”

On the other hand, GitLab CFO Paul Machle said: “This should not be an opt in or an opt out. It is a condition of using our product. There is an acceptance of terms and the use of this data should be included in that.”

On 23 October, an email was sent to GitLab customers announcing the changes.

Yesterday, however, CEO Sid Sijbrandij put the plans on hold, saying: “Based on considerable feedback from our customers, users, and the broader community, we reversed course the next day and removed those changes before they went into effect. Further, GitLab will commit to not implementing telemetry in our products that sends usage data to a third-party product analytics service.” Sijbrandij also promised a review of what went wrong. “We will put together a new proposal for improving the user experience and share it for feedback,” he said.

Despite this embarrassing backtrack, the incident has demonstrated that GitLab does indeed have an open process, with more internal discussion on view than would be the case with most companies. Nevertheless, the fact that GitLab came so close to using personally identifiable tracking without specific opt-in has tarnished its efforts to appear more community-driven than alternatives like Microsoft-owned GitHub. ®

Source: GitLab pulls U-turn on plan to crank up usage telemetry after both staff and customers cry foul • The Register

NHS Pagers Are Leaking Sensitive Medical Data – wait, pagers still exist?

Posted on by

Pagers used within the United Kingdom’s National Health Service are leaking sensitive patient information, and an amateur radio enthusiast has been broadcasting some of that medical data on a webcam livestream, a security researcher has found.

TechCrunch reports that Florida-based security researcher Daley Borda stumbled upon the strange confluence of archaic tech that flowed together to create a security nightmare.

Borda regularly scans the internet looking for concerning privacy and security activity. He recently discovered a grainy livestream showing a radio rig in North London that picked up radio waves and converted the transmissions into text that was displayed on a computer screen, according to TechCrunch. The hobbyist had set up a webcam that captured what was on the display, which showed medical emergencies as they were being reported. The webcam reportedly had no password, so anyone could find it and see the messages that showed directions meant for ambulances responding to emergency calls.

“You can see details of calls coming in—their name, address, and injury,” Borda told TechCrunch, which verified his discovery.

The tech news outlet reviewed several concerning messages that showed the location where people were reporting medical emergencies, including one that showed the address where a 49-year-old man was having chest pains and one that showed the address of a 98-year old man who had fallen.

[…]

A spokesperson for NHS told Gizmodo that the NHS consists of several different organizations, like hospital trusts and ambulances trusts, and “each organization is responsible for the technology it buys and uses (including pagers).” They pointed Gizmodo to a statement that Health and Social Care Secretary Matt Hancock issued in February instructed the NHS to stop using pagers by 2022. In his statement, he said the NHS uses 130,000 pagers.

Source: NHS Pagers Are Leaking Sensitive Medical Data

Notepad++’s ‘Free Uyghur’ release sparks spam tsunami by pro-Chinese – tough shit says developer who has many politically themed releases

Posted on by

On Tuesday, Don HO, the developer of Notepad++, a free GPL source code editor and notepad application for Microsoft Windows, released version 7.8.1, prompting a social media firestorm and a distributed denial of service attack.

Notepad++ v7.8.1 was designated “the Free Uyghur edition,” in reference to the predominantly Muslim ethnic group in western China that faces ongoing human rights violations and persecution at the hands of Beijing.

“The site notepad-plus-plus.org has suffered DDoS attack from 1230 to 1330 Paris time,” HO said in an email to The Register. “I saw the [reduced] amount of visitors via Google analytics then the support of my host confirmed the attack. The DDoS attack has been stopped by an anti-DDoS service provided by our host [Cloudflare].”

Previous politically-themed Notepad++ releases have focused on Tiananmen Square and the terrorist attack on French satirical publication Charlie Hebdo.

A post on the project’s website explains HO’s decision to criticize the Chinese government, something companies with business interests in China generally try not to do for fear of retribution.

Screenshot of Notepad++ issues

Some of the ‘issues’ raised by pro-China supports on the Notepad++ GitHub page … Click to enlarge

“People will tell me again to not mix politics with software/business,” HO’s post says. “Doing so surely impacts the popularity of Notepad++: talking about politics is exactly what software and commercial companies generally try to avoid.”

“The problem is, if we don’t deal with politics, politics will deal with us. We can choose to not act when people are being oppressed, but when it’s our turn to be oppressed, it will be too late and there will be no one for us. You don’t need to be Uyghur or a Muslim to act, you need only to be a human and have empathy for our fellow humans.”

Source: Just take a look at the carnage on Notepad++’s GitHub: ‘Free Uyghur’ release sparks spam tsunami by pro-Chinese • The Register

Government officials around the globe targeted for hacking through WhatsApp – FB fingers Israeli NSO group

Posted on by

WASHINGTON (Reuters) – Senior government officials in multiple U.S.-allied countries were targeted earlier this year with hacking software that used Facebook Inc’s (FB.O) WhatsApp to take over users’ phones, according to people familiar with the messaging company’s investigation.

Sources familiar with WhatsApp’s internal investigation into the breach said a “significant” portion of the known victims are high-profile government and military officials spread across at least 20 countries on five continents. Many of the nations are U.S. allies, they said.

The hacking of a wider group of top government officials’ smartphones than previously reported suggests the WhatsApp cyber intrusion could have broad political and diplomatic consequences.

WhatsApp filed a lawsuit on Tuesday against Israeli hacking tool developer NSO Group. The Facebook-owned software giant alleges that NSO Group built and sold a hacking platform that exploited a flaw in WhatsApp-owned servers to help clients hack into the cellphones of at least 1,400 users between April 29, 2019, and May 10, 2019.

The total number of WhatsApp users hacked could be even higher. A London-based human rights lawyer, who was among the targets, sent Reuters photographs showing attempts to break into his phone dating back to April 1.

While it is not clear who used the software to hack officials’ phones, NSO has said it sells its spyware exclusively to government customers.

Some victims are in the United States, United Arab Emirates, Bahrain, Mexico, Pakistan and India, said people familiar with the investigation. Reuters could not verify whether the government officials were from those countries or elsewhere.

Some Indian nationals have gone public with allegations they were among the targets over the past couple of days; they include journalists, academics, lawyers and defenders of India’s Dalit community.

NSO said in a statement that it was “not able to disclose who is or is not a client or discuss specific uses of its technology.” Previously it has denied any wrongdoing, saying its products are only meant to help governments catch terrorists and criminals.

Cybersecurity researchers have cast doubt on those claims over the years, saying NSO products were used against a wide range of targets, including protesters in countries under authoritarian rule.

Source: Exclusive: Government officials around the globe targeted for hacking through WhatsApp – sources – Reuters

Google has officially purchased Fitbit for $2.1 billion. Now has your fitness data and a wearable OS that’s actually quite good.

Posted on by

Google’s Senior Vice President of Devices & Services, Rick Osterloh, broke the news on the official Google blog, saying:

Over the years, Google has made progress with partners in this space with Wear OS and Google Fit, but we see an opportunity to invest even more in Wear OS as well as introduce Made by Google wearable devices into the market. Fitbit has been a true pioneer in the industry and has created engaging products, experiences and a vibrant community of users. By working closely with Fitbit’s team of experts, and bringing together the best AI, software and hardware, we can help spur innovation in wearables and build products to benefit even more people around the world.

Earlier this week, on October 28, a report from Reuters surfaced to indicate that Google was in a bid to purchase Fitbit. It’s a big move, but it’s also one that makes good sense.

Google’s Wear OS wearable platform has been in something of a rut for the last few years. The company introduced the Android Wear to Wear OS rebrand in 2018 to revitalize its branding/image, but the hardware offerings have still been pretty ho-hum. Third-party watches like the Fossil Gen 5 have proven to be quite good, but without a proper “Made by Google” smartwatch and other major players, such as Samsung, ignoring the platform, it’s been left to just sort of exist.

Source: Google has officially purchased Fitbit for $2.1 billion | Android Central

Trick or treating Android Emoji keyboard app makes millions of unauthorized purchases $18m blocked

Posted on by

$18 million of fraudulent charges from the app blocked by malware security platform Secure-D

London, October 31st, 2019  – A popular Android keyboard app, ai.type, downloaded more than 40 million times and included in the Google Play app store, has been caught making millions of unauthorized purchases of premium digital content, researchers at mobile technology company Upstream report. The app has been delivering millions of invisible ads and fake clicks, while delivering genuine user data about real views, clicks and purchases to ad networks. Ai.type carries out some of its activity hiding under other identities[1], including disguising itself to spoof popular apps such as Soundcloud. The app’s tricks have also included a spike in suspicious activity once removed from the Google Play store.

The Upstream Secure-D mobile security platform has so far detected and blocked more than 14 million suspicious transaction requests from only 110,000 unique devices that downloaded the ai.type keyboard. If not blocked these transaction requests would have triggered the purchase of premium digital services, potentially costing users up to $18 million in unwanted charges. The suspicious activity has been recorded across 13 countries but was particularly high in Egypt and Brazil.

Ai.type is disguised as a free treat for mobile users. It is a customizable on-screen keyboard app developed by Israeli firm ai.type LTD, which describes the app as a “Free Emoji Keyboard”. Despite the fact that the app was removed from Google Play in June 2019, the app remains on millions of Android devices and is still available from other Android marketplaces.

Source: Trick or treating Android Emoji keyboard app makes millions of unauthorized purchases – Upstream