Thanks for the warning. I've checked those files and can confirm what
@peter232 said.
Stay away from this rom!
EDIT:
Here is the content of the file /system/bin/api :
http://pastebin.com/LQqjbcqF
You can see starting line 500 a function that rename your host file (in case you use it to block ads), then request an ad (with some requests back and forth between the ads portal and the smiui site so that the ads server think the request comes from the smiui website), then put back your host file.
This function gets called in an infinite loop (line 599)
I am totally speachless ... This is the result of accepting help from a stranger who seemed to be just a nice person ...
I developed sMiUI Roms from late 2014, always trying to create something great for the community. I spent so many hours of coding, creating the kitchen, all by myself ...
In 2016 I found someone (John) to help me and after some time I granted him access to all the servers and accounts, just because I couldnt stand it anymore all allone.
Turned out that this was a big mistake . . .
I immediately closed the website until I have researched all his "work" ... On first sight I can say, it seems that on the backend most of his **** did not work. I recommend you to delete /system/bin/api with a root explorer App or completely change your ROM. Flash xiaomi.eu ROM, its great!
Thanks to the guys who found it..
I have to sleep over that, cant believe what just happened with all the work from past 2 years.
EDIT:
I literally spent the whole night in cleaning that **** out of my build environment and the ROM.
I contacted John, but of course, he is not answering. . . Sure, he will never ever get any access to the server again . . .
It seems to be true, he tried to invisibly click some ads and get wifi passwords, but luckily he sucks at coding and neither the ads worked correct nor any of our passwords have been saved into the database.
I removed all the contact points he made on our server.
I cleaned the ROM and uploaded latest version to the kitchen which should be back online soon.
All previous versions have been removed!
SOLUTION :
-Download latst ROM from kitchen.
ALTERNATIVE:
-Download Root Explorer App and delete the following Files "/system/bin/api" "/system/bin/apiget", then reboot your phone. Now you´re safe!
I cannot accept closing all my work because one idiot tried some fraudental **** which resulted in a big fail. World seems to be a bad place . . .