Privacy Risks of Wordle Clones
Wordle, the free, simple yet addictive word-guessing game originally created by Josh Wardle for his wife during lockdown and recently sold to the New York Times for a seven-figure sum, has been the viral sensation of 2022 so far.
Unfortunately, this incredible surge in popularity has led to a rise in copycat apps in Apple and Google’s app stores, hoping to cash in on the Wordle phenomenon.
There are a number of factors that have enabled this rise in clones:
- Wordle is browser-based, so there is no official mobile app
- There is at least one unofficial app also called Wordle in each app store
- The official Wordle game is limited by design to one puzzle a day. The clones typically offer an endless stream of words to guess for those fans with a larger appetite for guessing five-letter words.
- Prior to its sale to the NYT, Wordle was unmonetized and completely ad-free
The copycats are incredibly popular. By our estimates, the ten biggest of these apps have been downloaded 11.5 million times since the start of the year.
The single most popular clone app, also called Wordle, has been installed an estimated 5.7 million times.
The official Wordle game on the NYT website reportedly has over 300,000 daily users.
We decided to perform a technical analysis of these mobile apps as they appeared to be quick cash-ins, hoping to jump on the bandwagon and make as much money as they can before interest wanes.
Our concern was that many fans of the official version of Wordle might not realize the extent to which they were opening themselves up to invasive tracking and of the degree of data sharing taking place.
Our goal with this research is to raise awareness of how such mobile apps profit from intruding on their users’ privacy and thus allow consumers to make an educated choice about whether it’s worth installing and using such apps.
It is possible to counteract at least some of this kind of activity by using third-party ad blockers. Some leading VPN services, like NordVPN, have also launched tools that can be effective in blocking trackers.