For all developers using or considering Widdit, here is something that they do not mention to you!
They had Litecoin mining code in its SDK!
Lookout Security discovered this and Widdit admited it to them.
Here is the news Lookout published a few days ago.
I wonder that this was not done more often … cryptocoin is full of black sheeps … and currently mining is unprofitable anyway :-p
I knew it. They were ALWAYS full of crap!
As an innovate company we always look for new way to improve productivity and explore opportunities driven by technology.
With mobile devices having a lot of computing power as they do today, we wanted to explore the option of using the mobile cpu while its idle and charging to solve the challenge of distributed computing, which can be used for decoding the human genome, singles from space, cancer and such other complicated tasks.
We’ve then created a few standalone applications for the purpose of testing if this direction is worth exploring, while the easiest distribute problem was lite coin.
After a short while we decided not to procedure this direction and removed or cleared every application that participated in this experiment.
None of our SDKs, publishers or other services were part of this experiment which ended a few months ago while the code still was in our infra-structure.
Lookout reached us about the remaining code and it was cleared in a few hours and the matter resolved.
If you’re still having doubts we encourage you to read Lookout’s post to the end, and see Lookout are also sharing the understanding that our services are safe and secure.
Feel free to contact anytime:
CPU needs electricity to work and electricity costs money - so if you use the cpu without knowledge by the user, you actually steal it Pretty sure, people do not like such things
Yes we have read the post all the way to the end and it clearly states that you had the mining code in your SDK’s.
Here it is from Lookout: "Earlier versions of the Widdit SDK had the mining code baked-in. "
And then: “The later version of the SDK downloaded the mining code dynamically along with additional code at runtime.”
Also, it is not about whether it was safe and secure. Ii is DISHONEST not to tell your “partners” (as you call them) what you are doing, as well as the user that you could/will/ or have used their devices and electricity for mining virtual currency.