A story of exploiting Android through releasing packages with the same name and ID on public repositories: https://blog.autsoft.hu/a-confusing-dependency/