Merge pull request #20269 from github/updates

Added 2026/04/2026-04-09-jsc-bank-alliance.md

Author: dmca-sync-bot

2026/04/2026-04-09-jsc-bank-alliance.md

@@ -0,0 +1,113 @@
+Before disabling any content in relation to this takedown notice, GitHub
+- contacted the owners of the affected repositories to give them an opportunity to [make changes](https://docs.github.com/en/github/site-policy/dmca-takedown-policy#a-how-does-this-actually-work).
+- provided information on how to [submit a DMCA Counter Notice](https://docs.github.com/en/articles/guide-to-submitting-a-dmca-counter-notice).
+
+To learn about when and why GitHub may process some notices this way, please visit our [README](https://github.com/github/dmca/blob/master/README.md#anatomy-of-a-takedown-notice).
+
+---
+
+**Are you the copyright holder or authorized to act on the copyright owner's behalf? If you are submitting this notice on behalf of a company, please be sure to use an email address on the company's domain. If you use a personal email address for a notice submitted on behalf of a company, we may not be able to process it.**
+
+Yes, I am authorized to act on the copyright owner's behalf.
+
+**Are you submitting a revised DMCA notice after GitHub Trust & Safety requested you make changes to your original notice?**
+
+No
+
+**Does your claim involve content on GitHub or npm.js?**
+
+GitHub
+
+**Please describe the nature of your copyright ownership or authorization to act on the owner's behalf.**
+
+I am the copyright owner of the proprietary Android application identified in this notice. [private] (or [private] company) developed and own all rights to the application's source code, compiled binaries (APK), and associated resources.  
+The application has not been released under any open-source license, and no permission has been granted to third parties to copy, modify, reverse engineer, or redistribute it.  
+I am an authorized representative of JSC Bank Alliance , the copyright owner of the proprietary Android application identified in this notice.
+
+**Please provide a detailed description of the original copyrighted work that has allegedly been infringed.**
+
+The copyrighted work is a proprietary Android mobile application developed and owned by [private] (or [private] company).
+
+The application consists of original source code written in Java/Kotlin, compiled into Android APK format, as well as associated resources including UI layouts, images, configuration files, and application logic.
+
+It is distributed as a compiled APK through official channels (such as Google Play or internal distribution) and is not publicly available in source code form. The application and its components are protected by copyright law.
+
+The work includes, but is not limited to:  
+- Application source code and business logic  
+- Compiled bytecode (DEX)  
+- AndroidManifest configuration  
+- UI resources (layouts, drawables, strings)  
+- Internal APIs and integration logic
+
+No part of this application has been released under an open-source license, and no authorization has been granted for third parties to extract, reproduce, reverse engineer, or redistribute any portion of the application.
+
+**If the original work referenced above is available online, please provide a URL.**
+
+Official distribution page:  
+https://play.google.com/store/apps/details?id=ua.monvel.bankalliance
+
+**We ask that a DMCA takedown notice list every specific file in the repository that is infringing, unless the entire contents of the repository are infringing on your copyright. Please clearly state that the entire repository is infringing, OR provide the specific files within the repository you would like removed.**
+
+**Based on the above, I confirm that:**
+
+The entire repository is infringing
+
+**Identify the full repository URL that is infringing:**
+
+https://github.com/kingmaxbd/APK-cloner
+
+**Do you claim to have any technological measures in place to control access to your copyrighted content? Please see our <a href="https://docs.github.com/articles/guide-to-submitting-a-dmca-takedown-notice#complaints-about-anti-circumvention-technology">Complaints about Anti-Circumvention Technology</a> if you are unsure.**
+
+Yes
+
+**What technological measures do you have in place and how do they effectively control access to your copyrighted material?**
+
+The application employs several technological measures to protect access to its copyrighted content:
+
+1. **Application Signing** – The APK is cryptographically signed, ensuring that only authorized versions can be installed and recognized as legitimate by the operating system. Unauthorized modifications or repackaging break the signature.
+
+2. **Runtime Integrity Checks** – The application performs runtime checks on its own integrity, detecting tampering or modifications to the APK.
+
+3. **SSL Pinning / Secure API Access** – Network communications are protected to prevent unauthorized access to backend services and sensitive data.
+
+These measures collectively control access to the proprietary code and resources, preventing unauthorized copying, modification, and redistribution. The infringing repository appears to have bypassed these protections through decompilation, which constitutes unauthorized circumvention of access controls.
+
+**How is the accused project designed to circumvent your technological protection measures?**
+
+The accused repository appears to have circumvented the technological protection measures of [private] application through the following methods:
+
+1. **APK Decompilation** – The infringing material contains directories such as "smali" and configuration files like "apktool.yml", indicating that the original APK was decompiled using tools such as apktool. This bypasses the application's code obfuscation and runtime integrity checks.
+
+2. **Signature Bypass** – By decompiling and repackaging the APK, the repository ignores the application's cryptographic signing, which normally prevents unauthorized modifications and installations.
+
+3. **Direct Access to Resources and Logic** – The repository exposes the application's internal bytecode, resources, and manifest, allowing the infringer to access proprietary logic and assets that are otherwise protected by the application’s technological measures.
+
+These actions effectively bypass the protections intended to prevent unauthorized copying, modification, and distribution of the proprietary application.
+
+**If you are reporting an allegedly infringing fork, please note that each fork is a distinct repository and <i>must be identified separately</i>. Please read more about <a href="https://docs.github.com/articles/dmca-takedown-policy#b-what-about-forks-or-whats-a-fork">forks.</a> As forks may often contain different material than in the parent repository, if you believe any of the repositories or files in the forks are infringing, please list each fork URL below:**
+
+**Is the work licensed under an open source license?**
+
+No
+
+**What would be the best solution for the alleged infringement?**
+
+Reported content must be removed
+
+**Do you have the alleged infringer’s contact information? If so, please provide it.**
+
+**I have a good faith belief that use of the copyrighted materials described above on the infringing web pages is not authorized by the copyright owner, or its agent, or the law.**
+
+**I have taken <a href="https://www.lumendatabase.org/topics/22">fair use</a> into consideration.**
+
+**I swear, under penalty of perjury, that the information in this notification is accurate and that I am the copyright owner, or am authorized to act on behalf of the owner, of an exclusive right that is allegedly infringed.**
+
+**I have read and understand GitHub's <a href="https://docs.github.com/articles/guide-to-submitting-a-dmca-takedown-notice/">Guide to Submitting a DMCA Takedown Notice</a>.**
+
+**So that we can get back to you, please provide either your telephone number or physical address.**
+
+[private]
+
+**Please type your full name for your signature.**
+
+[private]