Android Question Protecting an app from cloning

Discussion in 'Android Questions' started by Sasuke Sama, Jun 26, 2019.

  1. Sasuke Sama

    Sasuke Sama Active Member Licensed User

    I recently got my hand on someone on the playstore who copied and modified one of my apps including the name, icon, colores and even put his on firebase ads insted of mine then re-uploaded on the playstore in his account
    I tried to reach for google several times but they dont seem to care
    My app is not the only app all his published apps are a modified apps.
    So is there anyway i can protect my apps from cloning?
     
  2. Jmu5667

    Jmu5667 Well-Known Member Licensed User


    what is your app, and the closed app, post the playstore links here
     
    MarkusR likes this.
  3. Peter Simpson

    Peter Simpson Expert Licensed User

  4. Sasuke Sama

    Sasuke Sama Active Member Licensed User

     
    Last edited: Jun 27, 2019
  5. sorex

    sorex Expert Licensed User

    if they ask him about it he can just say it's reversed enginered and there's not much they can do about it I guess.
     
  6. Sasuke Sama

    Sasuke Sama Active Member Licensed User

  7. sorex

    sorex Expert Licensed User

    They don't look 100% identical to me?
     
    MarkusR and Star-Dust like this.
  8. Jmu5667

    Jmu5667 Well-Known Member Licensed User

    How do you know it was cloned ? Have you de-compiled the suspected cloned APK ?
     
  9. MarkusR

    MarkusR Well-Known Member Licensed User

    the screenshots in app store looks different. i guess someone just copy the idea and made own app.
     
  10. sorex

    sorex Expert Licensed User

    in that case everyone can start complaining as 100% unique apps are like non existing (after a few months).
     
  11. Star-Dust

    Star-Dust Expert Licensed User

    What does cloning mean to you?
    1. Recover the source code illegally to reuse it
    2. Create a similar app that has the same goal as yours
     
    KZero likes this.
  12. Sasuke Sama

    Sasuke Sama Active Member Licensed User

    Screenshot are not what the app really is
     
  13. Sasuke Sama

    Sasuke Sama Active Member Licensed User

    Screenshot are not what the app really is ... When i send a notification to my app the clone received it as well
    The clone also uses my firebase database ... My servers and my users accounts
     
  14. Sasuke Sama

    Sasuke Sama Active Member Licensed User

    Screenshot are not from the app they're fake
     
    MarkusR likes this.
  15. Sasuke Sama

    Sasuke Sama Active Member Licensed User

    My app is closed source
    Screenshot are not what the app really is ... When i send a notification to my app the clone received it as well
    The clone also uses my firebase database ... My servers and my users accounts
     
  16. Star-Dust

    Star-Dust Expert Licensed User

    It could be a clone as you suppose, but the developer could have created an alternative client. Sniffing the network, some developers have reproduced alternative clients to aim, icq, messenger and even WhatsApp in the past.
    Recreating that menu is not difficult.

    Of course, if they manage to access your firebase there was certainly a reverse engegneer or someone had access to your PC.
    Is it a successful app that would justify such an action?

    Peter's suggestions are excellent.

    PS the size of the APKs is different, they are not identical
     
  17. sorex

    sorex Expert Licensed User

    just update the app every week and change the firebase database/pushmessage passwords aswell. (if there are any)

    he'll give up after a while.
     
  18. Sasuke Sama

    Sasuke Sama Active Member Licensed User

    I managed to contact him and he confirmed that he is using my app and modified it
    He also refusing to remove it from the store
    Guess ill have to do it the hard way
     
  19. Sasuke Sama

    Sasuke Sama Active Member Licensed User

    I thought about that as well i will do that alongside the suggestions above
    Thanx everyone best community ever : D
     
  20. techknight

    techknight Well-Known Member Licensed User

    The only way to fix this and prevent it for awhile is to design a kill switch inside the app that is part of an algorithm that is required to generate mathematically, numbers used to run the app, that is so intertwined that its not easily patched out.

    To start off with, UI code. all the font sizes and alignment codes could be generated by this algorithm. All your For loops and compare if statements could be obfuscated numbers that get corrected by yet another algorithm that has to execute to change the state of the variable to the correct value.

    When you throw the kill switch, the whole app is basically junk unless its "recreated" by putting in so many patches.

    The trick is, make it elaborate like I have explained, but also make it very subtle so it goes unnoticed. the seeds/keys to the algorithm can be embedded in an image, it could be sent from the server with account info, make it so it goes unnoticed.

    Then, when the killswitch gets thrown, the reference data is no longer there to "replay attack" the system anymore.
     
    Last edited: Jun 26, 2019
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice