[WateryRaccoon]

One theory we came up with is that our competition could be trying to get our app marked as spam or malware, and thus booted from the Play Store. If they have some sort of exploit that allows them to install arbitrary .apks on hundreds of thousands of Android devices, which seems probable if this is a malicious attack, it's unclear to me what we could do to prevent them from spamming our .apk to these users.

[marko0172]

Probably someone with your app installed copied their android image across a bunch of cheap phones at once.

[WateryRaccoon]

Interesting.. I don't think this would explain the users who claim the app keeps coming back after they've removed it? Is installing Android from another user's image a popular thing?

[mcslick12]

It's possible, if that image has a startup script to fetch the .apk from a third party source & install it. I've put custom/specialty ROMs on old Android devices in the past and they often come with random apps I don't need and uninstall on first boot.