Skip to main content

Why do people still trust Cheetah Mobile in 2018?

It’s pretty safe to assume that almost everyone has used a Cheetah Mobile app before, prime examples include Clean Master or CM Launcher 3D. Even if you have never heard of them, dozens of other apps and games like TikTok (formerly Musical.ly) are at least indirectly connected to, funded or owned by Cheetah Mobile. After all, they’re the 4th largest publisher on Google Play Store and the Apple App Store after Google, Facebook and Apple. We’ll get to that later. If you are still using any of their apps, it’s time to stop doing so right now. Let me tell you why.

A huge web of trash

First of all, let’s clear something up. Cheetah Mobile isn’t an Android app company, they are an AI/big data company and on their LinkedIn company page they even dream about robots and changing the future.

“So why do they make utility apps in the first place?”, you might ask. The answer to that is quite simple. They want your data and they happen to have found a weak spot. For some reason a lot of Android users download boosters, launchers, and battery savers without thinking twice, assuming that it is normal for these kinds of apps to request every permission Android offers. Speed booster apps really weren’t even a thing before Clean Master came around, and nowadays the Play Store is literally plagued by them. If you take a closer look at them and the names behind them you will soon find yourself entangled in a web of tiny companies which all received mysterious funding from Cheetah Mobile (or other shady companies like DU Apps). If you go a step further and actually take the apps apart you’ll find libraries provided by Cheetah Mobile pretty much every time.

Let’s take a look at Boost Master for an example, at the right you can see the privacy policy linked in the listing and inside the app
Let’s take a look at Boost Master for an example, at the right you can see the privacy policy linked in the listing and inside the app
A quick look on whois.com and crunchbase reveals that the domain is owned by Kika Tech, an “AI” company funded directly by Cheetah Mobile
A quick look on whois.com and crunchbase reveals that the domain is owned by Kika Tech, an “AI” company funded directly by Cheetah Mobile

I could now spend hours explaining why cleaner/booster apps are bad and you shouldn’t use them, but that’s a topic for another post and has also been covered before.

Cheetah Mobile sells your data and it’s not even a secret

“But guys, you still haven’t shown any proof that they are selling our data!” Cheetah Mobile’s official website should be good enough proof, right? Well, that’s exactly what I can provide.’

This official Cheetah Mobile website (https://data.cmcm.com) should probably be proof enough, right?
This official Cheetah Mobile website (https://data.cmcm.com) should probably be proof enough, right?

I first discovered Cheetah Data a few months ago, and while I wasn’t really surprised by it’s existence, it still was amazing to see how big of a deal this really is. I obviously had to go ahead and register for a limited, free account to check out what kind of data they actually collect. And boy, do they collect a lot! If you are a developer yourself you probably know Google Analytics and the kind of statistics it provides you with. Imagine this, but for all applications, including your competition. Updated every two days.

Cheetah Data essentially allows paying users to get full analytics and profiles of the users of any app
Cheetah Data essentially allows paying users to get full analytics and profiles of the users of any app

Yes. Cheetah Mobile apps not only collect statistics while you’re using them, they also analyse which apps you use, at what time, and for how long. The fact that all of this data is being sold openly makes me suspect that this is just the tip of the iceberg.

They aren’t even ashamed to tell us how they get their data
They aren’t even ashamed to tell us how they get their data

When I say Samsung and Microsoft are sellouts, I mean it

You might be wondering what this has to do with this post right here and you are right to ask so. Samsung’s Android software happens to have a storage cleaning tool, which you might consider a nice to have feature at first… until you look at it a little closer.

That’s interesting, to say the least
That’s interesting, to say the least (source: Reddit)

Clean Master, just like many apps, happens to be developed by Cheetah Mobile. The app on the Google Play Store has over 1,000,000,000 downloads and this number keeps rising. For every person that downloads them, Cheetah Mobile gets more and more data from users. It may be a risky bet, but I’m pretty convinced that almost everyone who uses an Android phone has at some point used an app that is at least indirectly connected to them.

Why would more than a billion people downloads this…
Why would more than a billion people downloads this…

Oh, and if you ever happen to be wanting to install Clean Master on your Samsung Galaxy but don’t know how to do so, there is no need for you to worry. Samsung has you covered with an official guide on how to install said app.

I am not really sure if this guide is really helping anyone at all
I am not really sure if this guide is really helping anyone at all

Now, what does Microsoft have to do with all this? To show you this we’ll need to take a closer look at the Play Store description of CM Launcher 3D to uncover this:

Wait… They actually did that?
Wait… They actually did that?

Oh, by the way

Even if you have never used any shady utility apps before you’ve most probably downloaded at least one of the viral games of the past years like Piano Tiles, chances are that game has been created by Cheetah Games or another company magically funded by CM. Other apps and companies Cheetah Mobile owns you might not have realized include TikTok (formerly Musically) and Live.me, a live-streaming service.

Musical.ly and Cheetah Mobile merged last year. Social networks are known for pulling every little piece of data from their users. After this merger, Cheetah Mobile developed their own app, TikTok. Musical.ly happened to be shut down and switched over to TikTok. Musical.ly even shut down their live streaming service live.ly and encouraged users to switch over to Cheetah Mobile’s LiveMe.

At this point it should be clear that they do everything in their power to collect data in every field out there, so it would only make sense to also have a browser on the app palette, wouldn’t it? Presenting you “CM Browser”, made to send your juicy browser history and usage data over to your new favorite multimillion-dollar company, ready to be shared with God and the world.

And of course they label it as a secure browser, with your privacy in mind (duh)
And of course they label it as a secure browser, with your privacy in mind (duh)

TL;DR:

CM solely makes apps to mine data. They sell that data. There is basically nothing they are not collecting. If you have one of their apps installed, anyone can go ahead and analyze how you are using your device and what you’re doing with it. You become part of a big data pool.

If any of your friends are using Cheetah Mobile software make sure to tell them about this and link them here. You’re also free to quote this post if you are reporting about this issue as well. If you have found other scummy apps/developers or just want to know if an app you are using is tracking you, contact me on Twitter.

I’d also like to thank Christopher Kardas, co-founder of Melon Pancakes (the publication this article got published in) who wrote this story together with me as well as and Max Weinbach for their feedback and input during the writing of this post. They were a big help when it came to publishing, unveiling and spreading this story!