Two Spyware Apps on Google Play with 1.5 Million Users Sending Data to China
Two file management apps on the Google Play Store have been found to be spyware, compromising the privacy and security of up to 1.5 million Android users. This app engages in deceptive behavior and surreptitiously sends sensitive user data to malicious servers in China.
Pradeo, a leading mobile security company, has uncovered this alarming breach. That report shows that both spyware applications, ie File Recovery and Data Recovery (com.spot.music.filedate) with over 1 million installs, and File Manager (com.file.box.master.gkd) with over 500,000 installs, developed by the same group. This seemingly harmless Android app uses a similar nefarious tactic and launches automatically when the device reboots without any user input.
Contrary to what they claim on the Google Play Store, where both apps assure users that no data has been collected, Pradeo’s analytics engine found that various personal information was collected without users’ knowledge. The stolen data includes contact lists, media files (images, audio files and videos), real-time location, mobile country code, network provider details, SIM provider network code, operating system version, device brand and model.
What is very worrying is the large amount of data transferred by this spyware application. Each application makes more than a hundred transmissions, a large enough number for malicious activity. Once the data is collected, it is sent to several servers in China, which security experts deem dangerous.
Even worse, the developers of these spyware applications have used sneaky techniques to appear more legitimate and make it more difficult to uninstall them. Hackers artificially increase the number of app downloads by installing Farms or mobile device emulators, creating a false sense of trust. Also, both apps have advanced permissions that allow them to hide their icon on the home screen, making it difficult for unsuspecting users to uninstall them.
Pradeo provides safety recommendations for individuals and businesses in light of this troubling discovery. Individuals should be careful while downloading apps, especially those that are unrated if claiming a large user base. It is very important to read and understand app permissions before accepting them to prevent violations like this.
🔐 Privileged Access Management: Learn How to Beat Key Challenges
Discover different approaches to conquering Privileged Account Management (PAM) challenges and enhance your privileged access security strategy.
Organizations should prioritize educating their employees about mobile threats and setting up automated mobile detection and response systems to protect against potential attacks.
This incident highlights the ongoing battle between cybersecurity experts and bad actors who exploit unsuspecting users. Malware and spyware attacks are constantly evolving and finding new ways to infiltrate trusted platforms like the Google Play Store. As a user, it is very important to stay alert, be careful when downloading applications, and rely on reputable software sources.
