Pirates on Google Play: How Rule-Breakers Thrive in the App Market

By Tara SinghAndroid Apps

Pirates on Google Play: How Rule-Breakers Thrive in the App Market

Every new technology gives rise to new shady dealings, and mobile apps are no exception. In this article, you’ll learn what developers who decide to break Google Play’s rules (and sometimes even the law) actually do. You’ll find out where fake reviews and mass-produced apps come from, and how the market gets flooded with them.

The Harsh Reality for Honest Developers

For honest developers, Google Play is far from a friendly environment. If your app doesn’t make it to the top, users will never find it, and you’ll never recoup your development costs. Plus, Google is essentially a monopoly, leaving developers with no real choice: either publish on the store or your app is doomed—you might make more money selling street food.

But some people profit from this situation—these are the mobile pirates. They do almost the same work as regular app developers, but their top priority is profit at any cost. To achieve this, they break laws or platform rules, using the dirtiest methods for promotion and monetization.

The Pirate Team Structure

Otherwise, a pirate team looks much like a regular development team. They hire programmers, designers, content specialists, copywriters, and analysts. Programmers and designers work on the app itself, copywriters write descriptions, and analysts pick niches and keywords. There are also “publishers” who upload the apps to the store. And, of course, there’s a captain steering the pirate ship.

Modern pirates try to legalize their operations as much as possible. Since 2014, when this business started in the post-Soviet region, they’ve formed a tight-knit community.

What Keeps an App Afloat?

App stores always face the challenge of how to rank apps in search results. For example, if there are two “Battleship” games with similar designs, how do you choose which to show first? And what if there are dozens of similar apps?

Most installs go to the top three apps in the list. Can you make sure your app is always among the best? To measure abstract qualities like “usefulness” and “relevance,” stores use objective metrics: number of installs, average user rating, average usage time, in-app spending, and so on.

Individually, these metrics aren’t very effective, since they can be interpreted in different ways. For example, a more comprehensive drug reference app might have fewer installs than a less complete one if the latter was published earlier and had time to build up traffic.

And, of course, almost all quantitative metrics can be manipulated. The simplest is to inflate install numbers using bots or incentivized installs (called “motivation” in pirate slang).

Currently, Google uses a combination of all measurable factors for ranking, and the formula is constantly tweaked to “improve”—or rather, to increase the platform’s revenue.

Ways to Make Money with Mobile Apps

You probably already know that you can integrate mobile ads or digital purchases into your app, remembering to give the platform a 30% cut. You can also sell physical goods, just like any online store. Or you can collect user analytics from devices with your app installed and sell that data. All of these are legal ways to make money and usually don’t violate laws or platform rules.

But there are advertisers who pay for every user you bring them (like casinos or banks). They’re happy to share profits with anyone who brings in new clients, and they don’t really care where those clients come from.

Another gray-area method is automatically subscribing users to partner services from mobile carriers (so-called Wap-Click). Setting up such a partner network costs about 300,000 rubles (roughly $4,000).

It’s likely that illegal or rule-breaking monetization methods bring in more money overall than legal ones. That’s what allows mobile pirates to thrive.

The Age of Pirates

Black-hat SEO specialists have many tricks to get websites to the top of search results. The same goes for Google Play search. The main targets for manipulation are user numbers and ratings.

There have long been services that make apps more popular by increasing install numbers, using either bots or real people. Another common service is selling app source codes. The buyer publishes the app and inflates installs. Usually, buyers try to change the app’s appearance (“reskinning” in pirate slang) to avoid the platform removing it as a duplicate.

And finally, the boldest pirates simply steal apps from the store, decompile and deeply reskin them, and pass them off as their own creations.

Where to Get Cheap Installs?

At first, bot makers entered the pirate scene. Bots mimicked user behavior and downloaded apps automatically. More advanced bots could write reviews and leave ratings. The most sophisticated bot owners bought data from real devices and emulated those devices when interacting with the store.

When stores started cracking down on bots, pirates had to involve real users. How? Still through mobile apps. Apps for making money with your phone started popping up everywhere, giving users simple tasks: find a specific app in the store, install it, and leave a review.

With Google Play, there’s an extra requirement—not to delete the app right after installing it. Google quickly learned to spot and remove such reviews based on user behavior patterns.

The system knows that users rarely write reviews or rate apps. If someone suddenly starts doing this, certain conditions are usually met: they’ve launched the app multiple times and spent some time in it. The average time varies by app type. Such a review is considered legitimate. If someone hasn’t left reviews for months and suddenly writes five in one day, it’s probably a bot or a paid user.

The system stores all data and constantly revisits old cases. That’s why Google Play’s user and install stats always lag by two or three days.

Today, you won’t find these “job exchanges” on Google Play anymore. But when they existed, their business model was often a scam. People were given tasks to install apps and write reviews, sometimes with extra steps for promised bonuses. There was a payout threshold (about 10–15 rubles, or 15–20 cents), but as users approached it, the system stopped giving them new tasks.

Clients had different goals: some wanted to surpass competitors in install numbers, others wanted to rank for certain keywords, and some just wanted quick results for reports and bonuses. The service posted tasks and promised to pay users a small amount for each one. Technically, the system owners couldn’t even verify task completion. Store reviews can’t be matched to real devices or users, and they always appear with a delay. At best, they could check if the user had the app installed.

Users were also encouraged to refer others through a referral system. Whether this worked is unclear, but you might have seen reviews in the store urging you to enter a promo code for a bonus.

More expensive and reliable install channels include social networks (VK, Facebook, Odnoklassniki), spam in messengers and email, and ads on Google and Yandex.

Boarding Google Play!

Firing single shots at the market brings results, but they’re minor. That’s why pirates, exploiting a loophole in Google Play’s rules, create app builders—programs that let you publish dozens of nearly identical apps with different content. For example, coloring books or puzzles for kids, each with different image sets. Each app gets a unique description, expanding search coverage.

To climb search rankings and outdo competitors, pirates buy a certain number of incentivized installs for each app. The number varies depending on factors like app category and competitor install counts.

To bypass automated app checks, pirates often use the same techniques as malware authors. If they don’t want to spend on obfuscation, they use detection tactics: if the app sees it wasn’t installed from the store and the user has a Google-owned IP address (likely a moderator), it hides all the bad stuff. If it’s a regular user, the full content and features are shown.

Google Play’s Countermeasures

Recently, an article on Habr described how developers automated the creation and publication of low-quality, cookie-cutter apps and made $50,000. All those apps have since been removed, as Google now uses AI to analyze apps.

These smart algorithms don’t just check new apps—they’ve also analyzed all existing ones. The AI finds links between developers and identifies related Google Play accounts.

According to platform rules, if a developer account is banned, that person can’t publish apps anymore. To enforce this, Google uses all the data it has—collected from millions of users worldwide.

Sometimes, thanks to this “artificial idiot,” not only pirates but also honest developers get caught in the crossfire. Google Play’s rules are so broad that, if strictly enforced, almost any app could be removed. Meanwhile, some favorites aren’t banned even for obvious violations, as has happened before.

How do pirates recover after losing everything? They just pretend to be someone new: buy a new computer, get a new internet connection, set up a new payment card, email, and phone number. And, of course, deeply reskin all their apps.

Leave a Reply