Search code examples
androidgoogle-playcrash-reports

Suspicious non-user errors reported after deploying to Google.Play

After deploying new version to Google.Play with enabled crash reporting (by Crashlytics) I see reports about weird crashes:

  1. Activity is started without required parameter in Intent. But this activity is not exported (no intent-filter, no explicit exported="true" in manifest)
  2. Same for intent service

What's weird:

  1. Some parameters which are set on first start of app by user are not set (these parameters are always shown for normal crash report). Without setting them app can't work and user can't get to the point where this activity/service is started.
  2. No such errors during testing our app. No problems with our code found.
  3. Device on which errors occur:
    • No device id as usual (Nexus, Samsung, etc.) but shown as 'generic'
    • Android 2.3.4
    • Rooted

These characteristics are common for all three errors.

This leads me to a thought that may be someone is trying to start components of app, after reading them from manifest. May be searching for vulnerabilities.

My question is, have you seen such errors and do you have any ideas what can be their cause?

Solution

  • My question is, have you seen such errors and do you have any ideas what can be their cause?

    Not such errors exactly but cases where users used tools which interfered with an app on a low level causing similar problems.

    My best guess, based on your observations, is that your assumption of a user deliberately starting components of your app is correct.