Motorola’s pre-installed Smart Feed app has been caught quietly hijacking the Amazon app to insert affiliate codes, meaning Motorola (or a third party) was collecting a commission on purchases you make without your knowledge or consent.

The behavior surfaced on May 25, 2025, when a Reddit user with a Motorola Razr 60 Ultra noticed the Amazon app opening a browser window instead of launching directly. They dug into ADB logs and confirmed the launcher was redirecting users to an external URL before loading Amazon, complete with an affiliate code attached.
9to5Google replicated the issue on a Razr Fold running Smart Feed version 2.03.0070. Motorola has since acknowledged the behavior and stated it was unintended, saying it has stopped the redirect.
What Is Motorola Smart Feed?
Smart Feed is a pre-installed system app that ships on many Motorola phones, including the latest Razr (2026) foldables. It is built to surface personalized content and recommendations directly on the device.
Because Motorola installs it as a hidden system app, most users never notice it running in the background. That invisibility is exactly what made this situation so alarming.
How Motorola Smart Feed Hijacks Amazon Affiliate Codes
When the Amazon app sits in the app drawer, tapping its icon does not launch Amazon directly. Instead, Smart Feed intercepts the tap, briefly opens Chrome or the default browser, and redirects to an external URL that appends an Amazon affiliate code to the session. The browser then hands off to the Amazon app, and the shopping session begins with the affiliate code already attached.
The redirect only triggers when you open Amazon from the app drawer. Opening it from a home screen shortcut launches Amazon normally, with no hijacking.
The device also sends network requests to devicenative.com, a service that places ads on smartphones and openly acknowledges its integration with Motorola. This suggests the behavior is server-driven, meaning devicenative.com can instruct the phone which apps to target and which affiliate codes to inject, remotely.
Users on Reddit reported the same behavior, with one calling it “outright malware” and another describing it as “really sketchy.” The affected user was running a phone that retails for over $1,300.
The Honey Parallel
This behavior closely mirrors the Honey scandal that hit PayPal in 2024. Honey was a browser extension that promised to find and apply the best discount codes at checkout. Investigations revealed that Honey was also attaching its own affiliate codes to purchases, replacing referral codes from creators and influencers who had legitimately earned those commissions.
The Motorola case follows the same pattern: a piece of software the user did not explicitly install for affiliate purposes quietly collecting revenue on purchases the user was going to make anyway.
The Strange Kira Abboud Connection
The redirect URL that flashes up when you open Amazon from the app drawer points to kira-abboud.com, which appears to reference fashion influencer Kira Abboud (known online as @kirasfashionfinds).
The affiliate code being injected is sramz-kff-008-20. This code does not match any affiliate links that Abboud has shared on her social media accounts or linked websites.
That mismatch raises the real possibility that neither Motorola nor Abboud intentionally set this up. Someone, presumably via the devicenative.com ad platform, pushed an update to Smart Feed that started routing affiliate revenue through an influencer’s domain without her involvement or Motorola’s direct approval.
9to5Google noted that sideloading the updated version of Smart Feed onto an unaffected device did not reproduce the behavior, which suggests the hijack requires a server-side trigger from devicenative.com, not just the app itself.
Which Phones Are Affected?
Based on testing by 9to5Google and reports from Reddit users, the behavior affects:
- Motorola Razr Fold (Smart Feed v2.03.0070 confirmed affected)
- Motorola Razr 60 Ultra (reported by Reddit users)
Devices running Smart Feed v2.03.0056 do not show the redirect. The Moto G Stylus (2026) running the same newer app version also did not reproduce the behavior, so the trigger appears tied to both the app version and possibly device model or server-side targeting.
Motorola told 9to5Google that the affiliate injection was unintended and confirmed it has stopped the behavior. The company has not provided a detailed explanation of how the devicenative.com integration caused this to happen or whether the behavior was present on any other shopping apps beyond Amazon.
How to Disable Smart Feed on Your Motorola Phone
Until Motorola pushes a fix or you receive a clean app update, disabling Smart Feed stops the redirect immediately. Here is how to do it:
- Open Settings on your Motorola phone.
- Tap Apps.
- Tap the search icon and type Smart Feed.
- Tap on Smart Feed from the results.
- Tap Disable.
- Confirm when prompted.
Once disabled, opening the Amazon app from the app drawer will launch it directly with no browser redirect. 9to5Google confirmed this fix works immediately on affected devices.
Disabling Smart Feed does not appear to cause any other problems on the device.
Why Pre-Installed Apps Like Smart Feed Are a Privacy Risk
Even if Motorola’s explanation of “unintended behavior” is accurate, several issues remain:
- The app runs hidden: Smart Feed installs as a system app with no visible icon, so users have no way to know it is intercepting their app launches.
- The behavior is server-controlled: Since devicenative.com appears to push the targeting data remotely, Motorola phones could be configured to hijack other shopping apps beyond Amazon at any time, without requiring an app update.
- Transparency is missing: There is no disclosure anywhere in the Smart Feed setup, Motorola’s device settings, or any user-facing documentation that the app intercepts third-party app launches for affiliate purposes.
If a third-party app from an unknown developer behaved this way, it would be classified as adware or potentially unwanted software. Coming from a major phone manufacturer, it is a significant breach of user trust.
