Stolen Android Anti-Piracy Software Dumped on Github

Home > News >

A tool that can protect against Android software from piracy, tampering and cloning attacks has been taken down after being illegally posted on Github. The version of Nexguard exposed on the code repository was stolen from a customer of Guardsquare, the software's creator. Following a DMCA notice sent to Github, the tool has now been removed.

There are dozens of anti-piracy systems in the world designed to protect everything from music, movies and TV shows through to videogames and software.

In years gone by, many made the mistake of claiming to be impenetrable but as history has shown, most protections now act as mere stumbling blocks, to slow leaks and piracy down. What is more unusual is to hear of an anti-piracy tool itself being leaked online.

That appears to have been the case when code belonging to security company Guardsquare appeared online.

“We develop premium software for the protection of mobile applications against reverse engineering and hacking,” the company’s website reads.

“Our products are used across the world in a broad range of industries, from financial services, e-commerce and the public sector to telecommunication, gaming and media.”

One of Guardsquare’s products is Dexguard, a tool to protect Android applications from being decompiled, something that can lead to piracy, credential harvesting, tampering and cloning. Unfortunately, a version of Dexguard itself ended up on Github.

In a takedown notice filed with the Microsoft-owned code platform, Guardsquare explains that the code is unauthorized and was obtained illegally.

“The listed folders….contain an older version of our commercial obfuscation software (DexGuard) for Android applications. The folder is part of a larger code base that was stolen from one of our former customers,” Guardsquare writes.

While the repository containing the illegal copy of Dexguard was quickly taken down, the leaked code had already spread. Guardsquare found almost 300 ‘forks’ of the stolen software on Github and filed a request to have them all taken down.

That has now taken place but the account of the Github user who originally uploaded the content seems to be intact.

Using the name ‘HackedTeam’, the account contains code dating back several years. Some appears to be linked to Android spyware previously described as “one of the most professionally developed and sophisticated Android malware ever exposed.”


Popular Posts
From 2 Years ago…