Neige: Archives

2026-05-29T15:11:40Z

Louis: new article on motorola smart feed quietly injecting amazon affiliate codes via the moto app launcher, with the device native partnership, the kira-abboud.com intermediary, the unintended statement, and the honey/superfish backdrop

2026-05-28T01:14:30Z

new article on motorola smart feed quietly injecting amazon affiliate codes via the moto app launcher, with the device native partnership, the kira-abboud.com intermediary, the unintended statement, and the honey/superfish backdrop

New page

{{IncidentCargo
|Company=Motorola
|StartDate=2026-05
|EndDate=2026-05-27
|Description=Preinstalled Motorola Smart Feed app silently rerouted Amazon Shopping launches through an affiliate tracker, capturing commission on organic purchases.
}}

'''Motorola Smart Feed Amazon affiliate hijacking''' was a May 2026 incident in which a preinstalled system app on several Motorola smartphones, Smart Feed version 2.03.0070, silently intercepted user attempts to open the Amazon Shopping app from the device's app drawer & rerouted the launch through Google Chrome to an ad-tech intermediary (devicenative.com) that appended the Amazon Associates affiliate tag <code>sramz-kff-008-20</code> before delivering the user to Amazon.<ref name="9to5g-may25">{{Cite web |last=Schoon |first=Ben |title=Motorola phones have started hijacking the Amazon app to insert affiliate codes |url=https://9to5google.com/2026/05/25/motorola-amazon-app-hijacking-behavior/ |publisher=9to5Google |date=2026-05-25 |access-date=2026-05-27}}</ref><ref name="ac-may27">{{Cite web |last=Diaz |first=Nickolas |title=Motorola was accused of slipping an affiliate link to users' Amazon purchases when using the app, discovered on its recent 2026 foldables |url=https://www.androidcentral.com/phones/motorola/motorola-affiliate-codes-your-amazon-orders-states-this-was-unintended |publisher=Android Central |date=2026-05-27 |access-date=2026-05-27}}</ref> TechRadar wrote that Motorola was, in effect, quietly collecting an affiliate fee on every Amazon purchase its users made from the app drawer.<ref name="techradar">{{Cite web |title=Is this the Honey scandal all over again? Motorola phones caught adding affiliate codes to Amazon orders |url=https://www.techradar.com/phones/motorola-phones/is-this-the-honey-scandal-all-over-again-motorola-phones-caught-adding-affiliate-codes-to-amazon-orders |publisher=TechRadar |date=2026-05-26 |access-date=2026-05-28}}</ref> Motorola, a [[Lenovo]] subsidiary, called the behavior ''"unintended"'' on May 27, 2026 & deployed a server-side routing-configuration fix the same day.<ref name="9to5g-may27">{{Cite web |title=Motorola says Amazon app affiliate behavior was "unintended," routing config fixed |url=https://9to5google.com/2026/05/27/motorola-amazon-app-unintended/ |publisher=9to5Google |date=2026-05-27 |access-date=2026-05-27}}</ref>

== Background ==

Smart Feed is a hidden, preinstalled system component on Motorola Android devices that powers the ''"app search and suggestion experience"'' inside the Moto App Launcher.<ref name="9to5g-may27" /><ref name="ac-may27" /> The component is built into Motorola's launcher and is capable of intercepting the click action that fires when a user taps an icon in the app drawer.<ref name="9to5g-may25" />

Device Native, an ad-tech firm that markets itself as a provider of ''"personalized, on-device mobile ads,"'' built the integration jointly with Motorola & published a developer guide for the Moto App Launcher before the incident became public.<ref name="ap">{{Cite web |last=Pandey |first=Rajesh |title=Your Motorola phone might be secretly monetizing your Amazon clicks |url=https://www.androidpolice.com/motorola-phone-might-secretly-monetizing-your-amazon-clicks/ |publisher=Android Police |date=2026-05-26 |access-date=2026-05-28}}</ref><ref name="msyrup">{{Cite web |title=Motorola confirms its phones were 'hijacking' the Amazon app |url=https://mobilesyrup.com/2026/05/27/motorola-confirms-its-phones-were-hijacking-the-amazon-app/ |publisher=MobileSyrup |date=2026-05-27 |access-date=2026-05-28}}</ref>

Lenovo, Motorola's parent, has a prior Federal Trade Commission settlement over preinstalled-software misconduct (see [[#Lenovo's prior Superfish settlement|below]]).

== The interception ==

Smart Feed v2.03.0070 was the only build to exhibit the redirect. Devices on the prior build, v2.03.0056, did not exhibit it, & the redirect only fired when the user launched Amazon from the app drawer; opening Amazon from a home-screen shortcut, the recent-apps menu, or a widget bypassed the interception entirely.<ref name="9to5g-may25" /><ref name="newsx">{{Cite web |last=Ziyauddin |first=Syed |title=Motorola Smart Feed Controversy: Users Claim Amazon App Launches Were Hijacked With Hidden Affiliate Links |url=https://www.newsx.com/tech-and-auto/motorola-smart-feed-controversy-users-claim-amazon-app-launches-were-hijacked-with-hidden-affiliate-links-226594/ |publisher=NewsX |date=2026-05-27 |access-date=2026-05-28}}</ref>

An Android Debug Bridge (ADB) network log captured by a user who reported it on May 25, 2026 first surfaced the behavior publicly, showing Smart Feed firing a click action against the Amazon Shopping app & a background HTTP request to devicenative.com to fetch the targeting & affiliate parameters. 9to5Google reproduced the behavior on a Motorola Razr Fold the same day, publishing a video that captured a brief Chrome window flashing on the screen before Amazon opened, & described the user-visible flow as a ''"blink and you missed it"'' moment.<ref name="9to5g-may25" />

Tapping the Amazon Shopping icon in the Moto App Launcher's app drawer triggered the following sequence: Smart Feed intercepted the launch intent; Chrome briefly opened in the foreground; Chrome issued a request to devicenative.com, which redirected through a second domain, <code>kira-abboud.com</code>; that domain in turn issued a redirect to amazon.com carrying the affiliate tag <code>sramz-kff-008-20</code>; finally the Amazon Shopping app opened with the affiliate cookie attached to the session.<ref name="9to5g-may25" /><ref name="newsx" />

Independent reproduction by tech press confirmed the behavior on the Motorola Razr Fold & the Motorola Razr 60 Ultra.<ref name="9to5g-may25" /><ref name="ap" /> Notebookcheck reported that the Motorola Edge 70 ships with the same preinstalled Smart Feed app.<ref name="nbc">{{Cite web |last=Brecher |first=Hannes |title=Motorola smartphones hijack shopping apps to make money from sales |url=https://www.notebookcheck.net/Motorola-smartphones-hijack-shopping-apps-to-make-money-from-sales.1306845.0.html |publisher=Notebookcheck |date=2026-05-26 |access-date=2026-05-28}}</ref> 9to5Google tested a Motorola Razr (2026) & a Moto G Stylus (2026) running the same Smart Feed build & could not reproduce the redirect on either, indicating the targeting configuration on Device Native's server was scoped to a subset of US devices rather than to every install of v2.03.0070.<ref name="9to5g-may25" /> Motorola later stated that the issue was limited to users in the United States.<ref name="9to5g-may27" />

== The intermediary domain and the affiliate tag ==

The second hop in the redirect chain, <code>kira-abboud.com</code>, presents the branding of fashion influencer Kira Abboud, who publishes on social media under the handle @kirasfashionfinds.<ref name="9to5g-may25" /><ref name="ap" /> Journalists who compared the injected tag against the affiliate codes Abboud publishes on her own channels found that <code>sramz-kff-008-20</code> did not match any of her published tags, & no reporting surfaced any evidence of a direct relationship between Abboud & Motorola or Device Native.<ref name="9to5g-may25" /><ref name="droidlife">{{Cite web |title=Motorola phones are hijacking links to make affiliate cash |url=https://www.droid-life.com/2026/05/26/motorola-phones-are-hijacking-links-to-make-affiliate-cash/ |publisher=Droid Life |date=2026-05-26 |access-date=2026-05-27}}</ref> Reporters at Droid Life & Android Police described the most plausible reading as the influencer's brand being used as a shell by an intermediary in the ad network, with the ultimate recipient of the Amazon Associates payouts unknown to the public.<ref name="droidlife" /><ref name="ap" />

The entity collecting the commissions tied to <code>sramz-kff-008-20</code> has not been publicly identified in any reporting on the incident.<ref name="droidlife" /><ref name="ap" />

== Revenue impact ==

Because Smart Feed injected its tag every time a user opened the Amazon app from the drawer, any subsequent purchase the user made on Amazon credited the injected tag rather than the user's own browsing path. TechRadar summarized the effect as Motorola ''"quietly"'' collecting an affiliate fee on purchases it had no involvement in.<ref name="techradar" /> Notebookcheck observed that the practice does not raise the prices consumers pay; instead, the manufacturer extracts a sales commission from Amazon's affiliate program without disclosure.<ref name="nbc" />

TechRadar & Mashable both drew the parallel to the [[Honey (PayPal) browser extension affiliate hijacking|Honey]] class action against PayPal, in which a browser extension was accused of swapping creators' affiliate codes for its own at checkout.<ref name="techradar" /><ref name="mashable">{{Cite web |last=Binder |first=Matt |title=Motorola phones are reportedly injecting affiliate codes into the Amazon app |url=https://tech.yahoo.com/phones/articles/motorola-phones-reportedly-injecting-affiliate-173417588.html |publisher=Mashable |via=Yahoo Tech |date=2026-05-26 |access-date=2026-05-28}}</ref>

== Motorola's response ==

Device Native made no public statement during or after the incident. The company removed its Moto App Launcher integration guide & subsequently took down the rest of its public-facing developer documentation site.<ref name="msyrup" /><ref name="9to5g-may25" />

Motorola issued a statement to multiple press outlets on May 27, 2026. A Motorola spokesperson told 9to5Google, Android Central, & other outlets:

<blockquote>''Motorola and Device Native jointly developed an app search and suggestion experience for the Moto App Launcher, designed to help users quickly find and launch apps they already have installed on their devices. Recently, Motorola acted quickly to resolve an issue that was identified, which caused some users in the U.S. launching the Amazon Shopping app to be routed through a web tracking link before opening the app. This behavior was unintended and resulted in an inconsistent user experience. Upon identifying the issue, we promptly corrected the routing configuration. Users can now expect all installed apps to launch directly as intended. Motorola takes user experience, privacy, and platform integrity seriously and will continue to closely monitor the system to ensure expected behavior across devices. We are committed to responsible disclosure, and to transparent, collaborative engagement with researchers to identify and address potential issues swiftly.''</blockquote><ref name="9to5g-may27" /><ref name="ac-may27" />

The fix was deployed server-side as a routing-configuration change, ending the redirects on affected devices without requiring users to install an updated version of Smart Feed.<ref name="9to5g-may27" /><ref name="msyrup" />

== Legal context ==

=== Honey class action ===

The pending litigation TechRadar & Mashable pointed to is ''Wendover Productions, LLC et al. v. PayPal Inc.'', filed in California federal court & consolidated with more than two dozen similar actions into ''In re PayPal Honey Browser Extension Litigation''.<ref name="orrick">{{Cite web |title=PayPal Secures Another Victory in Consolidated Honey Browser Extension Cases |url=https://www.orrick.com/en/News/2025/12/PayPal-Secures-Another-Victory-in-Consolidated-Honey-Browser-Extension-Cases |publisher=Orrick, Herrington & Sutcliffe LLP |date=2025-12-03 |access-date=2026-05-28}}</ref><ref name="cohen-milstein">{{Cite web |title=In Re PayPal Honey Browser Extension Litigation |url=https://www.cohenmilstein.com/case-study/in-re-paypal-honey-browser-extension-litigation/ |publisher=Cohen Milstein Sellers & Toll PLLC |access-date=2026-05-28}}</ref> The plaintiffs, content creators including bloggers & social-media producers, allege that PayPal's Honey browser extension diverted their affiliate commissions by manipulating tracking cookies at checkout.<ref name="cohen-milstein" /> On November 21, 2025, the court dismissed the consolidated complaint without prejudice, ruling that the plaintiffs had not adequately pleaded a cognizable injury traceable to PayPal; the court granted leave to amend & the case remains active.<ref name="orrick" />

=== Lenovo's prior Superfish settlement ===

The Motorola incident is the second advertising-injection matter involving Lenovo-branded consumer hardware. Beginning in August 2014, Lenovo shipped consumer laptops with VisualDiscovery, advertising software developed by Superfish, Inc. that acted as a man-in-the-middle on encrypted web traffic to inject pop-up ads. In September 2017, Lenovo settled charges brought by the Federal Trade Commission & 32 state attorneys general over the practice; the FTC settlement prohibited Lenovo from misrepresenting features of preloaded ad-injecting or data-transmitting software, required Lenovo to obtain consumers' affirmative consent before pre-installing software of that kind, & required Lenovo to implement a software security program for most preloaded software for 20 years.<ref name="ftc-superfish">{{Cite web |title=Lenovo Settles FTC Charges it Harmed Consumers With Preinstalled Software on its Laptops that Compromised Online Security |url=https://www.ftc.gov/news-events/news/press-releases/2017/09/lenovo-settles-ftc-charges-it-harmed-consumers-preinstalled-software-its-laptops-compromised-online |publisher=Federal Trade Commission |date=2017-09-05 |access-date=2026-05-28}}</ref>

== See also ==

* [[Lenovo]]
* [[Motorola]]
* [[Honey (PayPal) browser extension affiliate hijacking]]
* [[Superfish]]

== References ==

{{reflist}}

[[Category:Incidents]]
[[Category:Motorola]]
[[Category:Lenovo]]
[[Category:Preinstalled software]]
[[Category:Affiliate marketing]]

Motorola Smart Feed Amazon affiliate hijacking - Revision history

Neige: Archives

Louis: new article on motorola smart feed quietly injecting amazon affiliate codes via the moto app launcher, with the device native partnership, the kira-abboud.com intermediary, the unintended statement, and the honey/superfish backdrop