Pradeo researchers noted two apps on Google Play Store that are stealing users’ sensitive data secretly and sending them to servers in China.
Both apps have combined installs of over 1.5 million, possibly pushed by install farms or emulators. Though Google delisted them from the Play Store after the report was made, users are advised to uninstall them manually from their mobile if installed unsuspiciously.
Android Apps Stealing Sensitive Data
A report by researchers at Pradeo, a mobile security solution, notes two Android apps on the Google Play Store that are stealing sensitive data from users’ devices without their knowledge. The apps – File Recovery and Data Recovery(com.spot.music. file date) have over a million installs, while the other File Manager(com.file.box.master.gkd) has over 500,000 installs on the Google Play Store.
Both apps coming from the same developer; researchers say these apps don’t need any user interaction to work and were seeking more permissions than necessary. Once taken, they collect and send the following data to servers in China, noted Pradeo researchers.
- Users’ contact list from on-device memory, connected email accounts and social networks.
- Pictures, audio and video that are managed or recovered from within the applications.
- Real-time user location
- Mobile country code
- Network provider name
- Network code of the SIM provider
- Operating system version number
- Device brand and model
Though some of the above permissions are required for the apps to work as expected, most aren’t and the worst thing, these apps hide their home screen icon after being installed – leaving no option for the users to uninstall them. This offers persistence, thus more scope for stealing data.
Well, users can always go through Settings > Apps to find suspicious apps and delete them. Google has already removed these apps from the Play Store after they were reported, but it’s the users who need to be vigilant about installing suspicious apps. It’s always advised to keep your Play Protect on while also avoiding the installation of apps from unknown developers or sources.
Other Trending News:- News
