Android users experience auto-opening URLs; removing this app fixed it

, , ,

I think it’s fair to say that Android users experience more malware and bad apps than iOS users. That’s not to say that iOS can’t have issues; they’re just fewer than Android. Most of the reason is that Android is a more open platform, while Apple tightens things down sometimes too much. I also think it’s fair to say that both ecosystems have their problems.

Users over on the XDA forums have recently taken to troubleshooting an annoying issue that some thought may be malware. Their devices mysteriously began auto-opening URLs to the domain In all cases, none of the URLs were requested by the user; they just opened in their default browser.

This kind of behavior aligns itself with the conduct of malware. That was the conclusion that most users came to. After a few days of troubleshooting and discussing device differences and which apps they had installed, the community finally found the offender.

Yoshino – Pic Collage Maker is a photo editing app with 500K downloads and a 5-star rating. Google Play has the data safety of Yoshino listed as follows:

Android users experience auto-opening URLs; removing this app fixed it
  • No data shared with third parties
  • This app may collect these data types
  • Location, App info and performance, and Device or other IDs
  • Data is encrypted in transit
  • Data can’t be deleted

If you dig deeper and look at Yoshino on the Aurora Store (use at your own risk), you will find the following trackers inside this Android app:

  • AppsFlyer
  • Facebook Login
  • ironSource
  • Facebook Ads
  • Facebook Analytics
  • Adjust
  • Amazon Advertisement
  • Unity 3D Ads
  • Mintegral
  • AppLovin (MAX and SparkLabs)
  • Google AdMob
  • IAB Open Measurement

It is interesting that Yoshino is listed as “no data shared with third parties on Google Play.” Looking at the trackers’ list, many of these cannot work without data sharing. The auto-opening URL issue could be related to one of the ad companies Yoshino uses. Sometimes ad placements can be used as malware and get past the ad agency and developer and into the app. That doesn’t make the app malware, but it does have the potential to carry malware via a third-party ad.

Hopefully, these users will contact Yoshino with the issue, and they can sort it out. For now, if you’re experiencing this issue, you should delete the app from your Android device and wait for a fix.

What do you think? Have you had this issue? Please share your thoughts on any of the social media pages listed below. You can also comment on our MeWe page by joining the MeWe social network. Be sure to subscribe to our RUMBLE channel as well!

Hat Tip to Mark Stronge for tipping us off to this story.


Electrohome announces new affordable record player and bookshelf speakers

Bose announces its QuietComfort Earbuds II


Latest Articles

Share via
Copy link
Powered by Social Snap