A long time ago when I covered root, rooting, and root development as my passions in the Android community I ran across at least three types of scammers who were using the community and people’s lack of knowledge of what was involved in development, to garner donations for themselves, and stoke indignant outrage against people who actually were producing content.
One of these scams with rooting involved a “development group” who would encourage their members to participate by bittorrent seeding tools, so their “overseas affiliates” who were, of course, on the worst internet in the world could grab them on their poor connection, donate money of course to the high cost of researching exploits, and when a real developer/hacker actually got root they would write up massively fake chat logs to claim they’d come up with the exploit and the real developer had stolen it from them. They also sold merch.
Scams with user participation seemed to work. People got emotionally defensive to The Cause.
Another donation scam I saw repeated on device after device involved releasing a “high performance highly modified” kernel. Of course soliciting donations for this as well. In one case a group released the stock kernel with instructions how to flash it, when confronted with it being the same size, checksum, etc as the stock kernel made up some BS about how of course it was the same size they tweaked, didn’t add, and that people were smart enough to see the performance gains for themselves (there were none). One group released someone else’s work with a different signature, GitHub proved it with timestamps.
The problem here is without a programming background most people don’t know how to look at things like GitHub and check file dates and commits, don’t understand that you can’t change one bit of a kernel without the CRC/MD5 changing, and most people feel like any effort they’ve invested in attempting to make their phones or devices faster should pay off and is. They don’t want to believe they’ve just spent the past 36 minutes flashing a kernel and rebuilding a cache just to have no performance increase (plus post cache rebuild phones were faster for a while.)
The general M.O. of these groups and scammers was to have a group of friends or associates pile on with praise, have one or two actual accomplishments visible publicly, claim other people’s efforts as their own, answer exceedingly vaguely, and distract with personal life stories (sorry guys, can’t work on root today my kid’s got the flu, but we did break bootloader encryption and are “very close”.)
Repackage, claim credit, claim performance, claim benchmarks don’t show it you’ll feel it, also you’re more secure. it’s coming.
There’s a joke… “how do you keep an idiot in suspense…”
One of the other scams was features coming soon: pay me to develop them. These were very hard to track because of how Android development went. Feature would pop up on Scam ROM X after it popped up on Legit ROM Y and you never really had a clue if it was similar timing, or totally lifting parts from Legit ROM Y and using them uncredited and soliciting donations for someone else’s work, but the track record was the same every time – it’s coming, it’s almost here, wait for it, oh look me and X got it out at the same time good for him but I did this on my own and he’s obviously been following me.
I was contacted by several developers years back with supposed proof they were being ripped off, but once again it came down to was Pocketables going to push articles that were he said/she said? Were we going to pay a professional to look into the claims? Was the person claiming fraud going to do anything in the legal realm or were we going to post something that could get us sued?
Yeah, at the time at $10 an article and new baby in hand, picking a fight with people who had no problem directing people to DDOS, DOX, etc was not something anyone was interested in.
You might recall I didn’t own Pocketables, I was an employee. Exposing $600 in fraud on a website that was getting 43 million views a month at that point was not something anyone was interested in. Less so when Pocketables was bought by CG. Or at least that’s how I recall it. It’s been a while. I did a little bit on XDA of posting some info, but for the most part watched as even if you got proof, the followers of the scammers would keep following the scammer and not use the mental energy to realize they were being fleeced.
They’d also create websites when banned from XDA showing their bans as badges of honor to rile up indignant outrage from the people who had donated to their cause. It was really really no different than modern politics it seems.
I write this as I’ve got some news in my inbox I’m debating covering.