alt Hacker NewsThat's exactly why I didn't want to trust this app with a google account, it's mandatory to use it. SmartTube also requires permission to install applications for it's updater feature so it's also possible if the attack was targeted for the malware to install another app to get persistance.
Replies
kasabali • today at 8:39 AM
> it's mandatory to use it
I've been using it for years and I've never had to sign in.
Although it's very unfortunate this happened, and it shows a lack of security practices, this could happen to any all developer. Compromising other apps you do install.
On my TV the app vanished and after some searching, it was disabled. I was kinda afraid Google had finally (ab)used it's Play Services power to ban it. But luckily it was because the developer marked it as compromised. All and all impact was minimised this way.
I doubt your statement about requiring a Google account to be connected, as you can also import subscriptions instead of granting access to your account.