[alexbakker]

It sucks to see your open source work being abused like this, and there's seemingly nothing we can do about it.

Every now and then I scour the play store to see if I can find any Aegis clones. We've reported a couple that didn't have a link to the source code and/or were linking proprietary libraries (as per our license), but they're still up. Of course, those cases aren't as bad as this one where actual malware was included, but it's pretty telling about the state of the Google Play Store.

[sschueller]

Either way Google should be contacting the relevant police in the country the owner of the account lives. A developer account is not free so someone had to pay, if the credit card was stolen then also report that to Visa etc.

If Google doesn't have enough information then maybe they should require a government ID to get a developer account. I mean Facebook requires ID for some users.

[Aulig]

If deemed high-risk, Google already asks for proof of identity whe registering a developer account

[0xdeadb00f]

Aegis is my TOTP app of choice! Keep up the great work, I really love it.

[alexbakker]

Glad to hear you like it!