It Has Finally Begun: Google Play Has Started Identifying the Vanced Manager as A Harmful App
YouTube Vanced officially shut down its operations on March 14, 2022 and left the world with a message that basically told them to make the best use of these last precious moments. Even though the Vanced project had shut down due to legal pressure from Google, the app itself did not suddenly go out of order and was actually expected to work for up to 2 years, according to the developers of Vanced itself.
I personally haven’t had an issue with YouTube Vanced installed on multiple devices at home but people have started to see some glitches and weird bugs here and there, signifying the end-of-life status of the app. However, the latest nail in the series of nails in the coffin is perhaps the biggest one yet, and one that suggests that the app might break much sooner than expected.
Vanced Manager is “harmful”
A few users on Reddit have started sharing screenshots of their phones receiving a Google Play Protect notification identifying the Vanced Manager as a harmful app. Google Play Protect is basically an antivirus of sorts built into Google Play services itself that evaluates installed apps on your phone to see if they’re a threat to the phone’s security or not. Now, it is recommending users to uninstall the “harmful” Vanced Manager app.
Vanced Manager is a storefront for YouTube Vanced and Vanced Music. It’s kind of like the Epic Games Store app that you first need to download in order to sideload Fortnite on your phone. Epic does this to evade Google’s cut on apps in the Play Store, but Vanced did this because, well, it wasn’t the most legal thing out there and being available on Google Play would expose it to a lot more eyes, which would alert Google and the app would be removed instantly.
Regardless, Google Play Protect now scanning and declaring the Vanced Manager as a harmful app that should be deleted is concerning to say the least, and not from a security standpoint. In my experience of using the app for the past few years, it is highly secure and void of any kind of malware, it’s one of the reasons why Vanced was a close-sourced project: to ensure security and protection for the user.
The reports of users getting this notification are widespread across both Reddit and Twitter at this point. I have not received the notification on my OnePlus 7T device, though my phone has an unlocked bootloader with a modified kernel, which might have something to do with it. Nevertheless, these widespread reports make it clear that Play Protect is targeting the app universally and it is not a per device thing.
Valid security concern or orchestrated crackdown?
It should be noted that according to Google’s own rules on what can create a potential security issue and trigger Google Play Protect, there are two things within Vanced that can cause this. First, Vanced does constitute as allowing users to modify an app to gain elevated access (YouTube with no ads for free), which is considered potentially harmful.
But, more importantly, any app that can work with root access is also seen as potentially harmful. As the following tweet mentions, Vanced allows installation on rooted devices which could’ve triggered Play Protect to mark it as harmful, but again, that does not explain why it happened all of a sudden and why only after Google has taken legal action against Vanced. This all seems more deliberate than conditional.
It would be a stretch to say that users getting this notification would all of a sudden go into a frenzy and panic-delete the app as those who download Vanced generally already know the ins-and-outs of sideloaded APKs in the first place, so a Play Protect prompt won’t scare them off. That being said, it is still a sad sight to see as Google has finally begun its active siege on Vanced to kill the app for good, so let’s just hope Vanced doesn’t fall without a fight.