PSA: Fake YouTube Vanced app listed on Play Store

Official app support for third party services often play a key role behind the success of the platform as well as the service. We all know the tragic demise of Windows Mobile due to lack of third party apps.

On the other hand, sometimes you may want to get rid of all the extra ‘features’ from an official app. For example, bundling Facebook with a phone and running the humongous memory hogging app may irritate an individual so much that they end up with certain things “de-bullshified”.

The regular YouTube app is not that miserable though. It also offers a ‘Go’ variant for users with less bandwidth and entry level phone. Obviously there are some caveats, such as background playback or picture-in-picture (PiP) mode are reserved for the premium tier.

Oh, and you need to deal with ads… I mean A LOT OF ADS! ?

There are some alternatives – NewPipe is the most eminent one among them. And we also have YouTube Vanced, a well-known mod of original YouTube app with lot of extra features.

Vanced is a well known modded version of YouTube with many features such as adblocking and background playback and many more.

The idea behind creating Vanced is quite simple: original YouTube apps share a large volume of common codebase. Thus, patching the condition checks and porting premium features seem feasible. The group of developers have done exactly that.

youtube_vanced_themes

Problem is the modded version can’t be distributed via Play Store as it violates number of policies imposed by Google. As a consequence, developers offer both root and non-root based solutions via the XDA thread or their official site for sideloading.

Because of the popularity of this mod, copycats are always popping up like mushrooms after rain. We are now aware of another such incident. A random person has uploaded the non-root version of YouTube Vanced (package name: com.vanced.android.youtube) to Play Store and it is still up at the time of reporting.

Identifying the copycat doesn’t require much time. The developer ID is already taken down by Google. While no website is mentioned, the contact email domain reveals the identity of the person easily. And yes, it is the exact person who has left the sole five star rating.

youtube_vanced_copycat_play_stote

Experienced eyes should be able to spot the anomalies, but unfortunately, that does not account for majority of users. To make things worse, users who have installed the non-root version are now automatically redirected to this listing  if they check for updates via Play Store.

Play Store primarily scans the package name for querying. For the same reason, APKMirror is also compromised. Their bot crawls Play Store listings and adds the copycat in the description of the mod.

youtube_vanced_copycat_apkmirror

The author was informed by a friend about the incident last night. After verifying it ourselves, we contacted YouTube Vanced team. The response from the representative is as follows:

Yes, unfortunately nothing we can do about it. Pisses me off though.

We are trying to contact APKMirror/Android Police guys to rectify the issue on their end. Eventually Google may remove it, but the attack vector should not be ignored.

For our readers who use YouTube Vanced, never install/update it outside of the official site ot XDA thread.

PiunikaWeb is a unique initiative that mainly focuses on investigative journalism. This means we do a lot of hard work to come up with news stories that are either ‘exclusive,’ ‘breaking,’ or ‘curated’ in nature. Perhaps that’s the reason our work has been picked by the likes of Forbes, Foxnews, Gizmodo, TechCrunch, Engadget, The Verge, Macrumors, and more. Do take a tour of our website to get a feel of our work. And if you like what we do, stay connected with us on Twitter (@PiunikaWeb) and other social media channels to receive timely updates on stories we publish.

Want to work for PiunikaWeb and enjoy best-in-industry compensation & benefits? You'll be glad to know we're hiring experienced candidates.

Tags :

Kingshuk De

I came from a mixed background of Statistics and Computer Science. My research domains included embedded computer systems, mobile computing and delay tolerant networks in post-disaster scenarios. Apart from tinkering with gadgets or building hackintosh, I like to hop on various subreddits and forums like MyDigitalLife and XDA.