- Pradeo finds two apps sending user’s sensitive information to a malicious location in China.
- Apps are found to be collecting sensitive data like contact lists, media, location, network information, and much more.
- Google removed both apps from the Google play store as an action against the apps.
Two apps disguised as file management apps have been sending sensitive information to China as per a cybersecurity firm Pradeo. The apps are named “File Recovery and Data Recovery” and “File Manager”. These apps are installed more than 1.5 million times.
“This week, our engine detected two spyware hiding on the Google Play Store and affecting up to 1.5 million users. Both applications are from the same developer, pose as file management applications, and feature similar malicious behaviors. They are programmed to launch without users’ interaction and to silently exfiltrate sensitive users’ data towards various malicious servers based in China. We have alerted Google of the discovery before publishing this alert.” Pradeo wrote in its blog post.
Beware, #Android users! Two popular file management apps on #Google Play Store revealed as #spyware, sending users' data to servers in China.— The Hacker News (@TheHackersNews) July 8, 2023
Over 1.5M users' security and #privacy are at risk.
Read details: https://t.co/gWGcjfUGXa#cybersecurityawareness #technews
According to Pradeo, these apps are collecting very personal data from their targets and sending it back to malicious destinations located in China. Data includes the following list;
- Users Contact list from the device and all connected accounts including email and social accounts.
- Media stored in the application
- User’s location
- Network provider name
- Mobile country code
- Network code of the sim provider
- Operating system version number
- Device name
Google has already taken action against both apps by removing their Google play store. If you have already installed any of both apps, it is wise to uninstall them immediately.
Also, Read “Get Ahead with Meta Threads Beta for Android Users“
Pradeo recommends users read reviews and permissions before installing the app. Be careful these types of apps can pose a threat to your data. Always install not-so-widely popular apps carefully for your safety.