October 15, 2018
CONFIDENTIAL / OFF-THE-RECORD / NOT FOR PUBLICATION
VIA EMAIL
Mr. Craig Silverman
BuzzFeed, Inc.
111 E. 18th Street
13th Floor
New York, New York 10003
Email: craig.silverman@buzzfeed.com
Re:

Fly Apps LTD - BuzzFeed

Dear Mr. Silverman:
As you are aware, we have been retained by Fly Apps LTD (“Fly Apps”) in connection
with this matter. We write concerning the article you are writing about Fly Apps and, more
specifically, Mr. Silverman’s email to Mr. Omer Anatot, dated October 9, 2018.
Based upon our initial review of Mr. Silverman’s communications with our client, it
appears that you intend to publish various false, defamatory, and highly damaging statements
about Fly Apps and certain of its owners, including that Fly Apps is at the heart of and key
beneficiary of a spoofing scheme involving more than sixty (60) applications which has stolen an
estimated $750 million in advertising revenue. Your intended article purports to rely on a
Pixalate blog post, dated June 12, 2018, entitled “Pixalate Uncovers Apparent Example of
Sophisticated Mobile App Laundering”, located at: https://blog.pixalate.com/mobile-applaundering-bundle-id-megacast-alleged-sophisticated-invalid-traffic-ad-fraud (the “Pixalate
Article”).
Please be advised that my client categorically denies these very serious and false
allegations, which if published, would cause tremendous harm to it. Fly Apps’ applications are
loved by many, and have a significant amount of users. Fly Apps is a reputable application
developer, which has long been supported by advertising partners and advertising verification
companies. Fly Apps would not, and did not, perpetrate the alleged spoofing scheme, and has
always aimed to maintain the traffic quality of it applications at the highest levels. If anything,
Fly Apps has been a victim of that scheme.
First, Fly Apps was not involved in “all 60+ apps identified by Pixalate” as Mr.
Silverman’s email falsely claims. Fly Apps was involved with only three (3) of the

{00094773;2}

 Mr. Craig Silverman
October 15, 2018
Re: Fly Apps LTD – BuzzFeed
Page 2
applications— MegaCast, Restaurant Finder, and EverythingMe. Fly Apps did not develop these
applications to participate in the alleged spoofing scheme or knowingly engage in the scheme
through these applications. Rather, after the Pixalate Article was published, in response to an
inquiry by one of its advertising partners, Fly Apps investigated and discovered that the
advertising software development kit (“SDK”) it had been running was falsifying traffic. Fly
Apps promptly removed the compromised SDK. Based upon Fly Apps’ internal investigation,
the corrupt SDK affected only 9.5% of Fly Apps’ traffic. As you should know, application
developers like Fly Apps routinely use third party SDK’s to maximize their revenue and it was
not unusual or suspect for Fly Apps to have done so here.
Second, MegaCast, as your article intends to falsely report, is not the main beneficiary of
an elaborate spoofing scheme set up and executed by Fly Apps. MegaCast (along with
Restaurant Finder and EverythingMe) were used by a malicious SDK to generate false traffic for
other applications, the overwhelming majority of which were operated by entities completely
unrelated to Fly Apps. Fly Apps and its three (3) applications have not benefited from this
scheme, but have instead been harmed by it.
Third, your article intends to report that “Mobilytics, which was key to the fraud, has the
same corporate Malta address, as Fly Apps,” that a “google search of this Malta address written
in the way it appeared in the Play store or on websites brings up results almost exclusively
connected to these apps and Fly Apps,” and that this shows “that all of apps in the spoofing
attack are in fact part of the scheme together.” This is false and defamatory.
Mobilytics appears to have been a domain used by the malicious SDK discovered by Fly
Apps. Fly Apps does not operate or share operations with Mobilytics, and it is false and
defamatory to claim that Mobilytics is operated by Fly Apps at the same office location. We are
aware of no evidence that verifies that Mobilytics or any company related to Mobilytics is
actually located at that address. Further, the Malta address is the address of the third party
registered agent for Fly Apps, which receives notices and correspondence from the government
and other official notifications. It is not Fly Apps’ headquarters or hub of operations. As it is
common practice for companies to designate third party registered agents (like Fly Apps has
done), it is expected that countless other companies have also designated the same third party
registered agent and corporate address as Fly Apps. It is thus not suspicious or notable that other
companies share the same corporate Malta address as Fly Apps. The same is likely also true for
the Bulgaria address identified in Mr. Silverman’s email, though the Bulgaria address relates to
companies other than Fly Apps.
Fourth, the article will purport to report on the allegedly common emails, IP addresses,
and other items amongst the sixty (60) applications and connect them all back to Fly Apps, as the
alleged primary beneficiary of the scheme. This is false and defamatory. As stated above, Fly
Apps is not affiliated with fifty-seven (57) of the applications identified by Pixalate. Fly Apps
outsources a large part of its development work and does not have immediate control over the
administrative tasks related to that work. Fly Apps cannot speak specifically to the fifty-seven
(57) applications that it is not involved with, but it is likely that the shared information that Mr.

{00094773;2}

 Mr. Craig Silverman
October 15, 2018
Re: Fly Apps LTD – BuzzFeed
Page 3
Silverman mentions (i.e., IP addresses, whois email addresses, how the applications were built,
etc.) is due to application developers using the same or common service providers, who in turn
register their own respective emails and addresses for domains and websites, or have a single IP
address from which numerous websites are run, among other things. These alleged
commonalities and strained connections are the practical result from application developers
using the same pool of common service providers within a specific industry. They are not the
result of any illicit conduct by Fly Apps in developing and setting up an intricate web of
malicious applications to create fake traffic and steal hundreds of millions of dollar in advertising
revenue.
Fifth, Pixalate, Protected Media, and similar detection firms, upon which you purport to
rely, are retained and paid for by advertisers, to investigate fraudulent conduct or schemes like
the one alleged in the Pixalate Article. These firms are motivated to “uncover” as much
fraudulent behavior as possible, so as to attract more advertiser and/or ad network clientele. As
such, this raises obvious questions about the objectivity and underlying merits of purported
findings made by such firms. See e.g.., “Anti Ad Fraud Company’s Guide to Countering
Facepalm,” available at http://botlab.io/anti-ad-fraud-company-guide-to-countering-facepalm/
(discussing how findings by ad fraud research firms like Pixalate are targeted toward making the
marketing effort more effective).
Moreover, the timing of the publication of the Pixalate Article in this case further
highlights these concerns with respect to the neutrality and validity of Pixalate’s “investigation”
and findings. Pixalate published the Pixalate Article in June, based upon data from February,
resulting in months where its ad network partners continued to run the so-called fraudulent
traffic. Now, in October, presumably after those ad networks have finished collecting the ad
revenues from the so-called fraudulent traffic, BuzzFeed is proposing to publish its findings.
Thus, we are concerned that the relationship between Pixalate and its ad network partners may
have influenced the Pixalate Article and question why BuzzFeed would continue to rely upon a
potentially biased source such as Pixalate for articles regarding allegedly fraudulent ad traffic.
In light of the foregoing, you are on notice of the true facts with respect to the matters
addressed above. Please be advised that your publication of any false and defamatory statements
regarding the matters addressed herein would be with actual malice and constitute, among other
claims, libel, false light invasion of privacy, and tortious interference with contractual relations.
This would leave Fly Apps with no alternative but to consider instituting immediate legal
proceedings against you and any other individuals and/or entities involved in the publication of
such statements. Should that occur, Fly Apps would assert all available causes of action and
seek the maximum available compensatory and punitive damages.
This letter is not intended as a full or complete statement of all relevant facts or
applicable law, and nothing herein is intended as, nor should it be deemed to constitute, a waiver
or relinquishment of any of my client’s rights, remedies, claims or causes of action, all of which
are hereby expressly reserved.

{00094773;2}

 Mr. Craig Silverman
October 15, 2018
Re: Fly Apps LTD – BuzzFeed
Page 4
This is a confidential legal communication intended solely for the recipients and their
legal counsel, and should be treated as “off the record” for editorial purposes.
Sincerely,

RYAN J. STONEROCK Of

HARDER LLP
Cc: Client
Lan Vu, Esq.

{00094773;2}