SmartTube, a popular app that lets people watch YouTube on Android TV without ads, is in serious trouble. A hacker managed to steal the developer’s digital signing keys—the security tools used to prove an app is genuine. With these keys, the attacker pushed a malicious update to users that appeared to be a legitimate release.
The compromised version contains a secret file called libalphasdk. So. This file does not belong in the app’s code. Instead, it runs in the background, registers the TV with a remote server, and keeps a connection open without telling the user. This behavior looks a lot like spyware. Google Play Protect spotted the problem first and started blocking people from installing the app, which immediately panicked the community.
Yuriy Yuliskov, the developer behind SmartTube, confirmed the breach. He admitted that an attacker stole his keys and added malicious code. Yuliskov described the hidden file as “unexpected and suspicious” and told users to be careful. He has since revoked the old signature, so the hacker can’t use it anymore, and is currently building a clean version of the app.
However, the situation remains messy. The developer hasn’t fully explained how the hack happened or exactly which specific versions are infected. This lack of information has frustrated long-time users. While some report that older versions, such as 30.19, seem safe, there is no official confirmation yet.
If you use SmartTube, you need to act now. Turn off automatic updates immediately. If you recently updated the app, delete it and try to install an older version. It is also a smart move to change your Google Account password and check your recent login activity to ensure no one else has accessed your data.
Yuliskov promised to fix the issues and publish a safe version to the F-Droid store soon. This incident is a harsh reminder that even trusted community projects can become dangerous if a hacker steals the keys. For now, keep your guard up and wait for the all-clear.
