© 2024 CoolTechZone - Latest tech news,
product reviews, and analyses.

Spyware apps on Google Play Store send data to China


Pradeo, a mobile security company, has discovered a pair of spyware apps hiding on the Google Play Store and silently sending sensitive user data to servers based in China.

According to Pradeo, both applications, named File Recovery & Data Recovery and File Manager, have been installed by up to 1.5 million users and can affect them all.

“The apps are from the same developer, pose as file management applications and feature similar malicious behaviors,” the company said in a blog post.

“They are programmed to launch without users’ interaction, and to silently exfiltrate sensitive users’ data towards various malicious servers based in China. We have alerted Google of the discovery before publishing this alert.”

Quite obviously, anyone who has installed any of these apps on their Android devices is urged to delete them manually as they are scraping personal information, including contact lists, pictures, videos, and real-time user location.

pradeo-apps
Spyware apps on the Google Play Store.

Pradeo reported their discovery to Google, and the tech giant has since removed them from the Play Store. But if they’re on a device already, removing them is more difficult – Pradeo says that the two apps hide their home screen icons.

This is why users willing to uninstall the malicious apps need to open Settings and then select Apps to see the list of applications running on the device.

According to Pradeo, this particular hacker probably used an install farm or mobile device emulators to fake the size of a big user population, visible on the app store. This increased the apps’ apparent legitimacy.

Also, the attacker allegedly found a way to play around the fact that users often install applications they end up not even using. For most malware, that means the attack is unsuccessful.

“To overcome that obstacle, File Manager and File Recovery & Data Recovery can, through the advanced permissions they use, induce the restart of the device. This then permits the apps to launch and execute themselves automatically at restart,” Pradeo said.


Leave a Reply

Your email address will not be published. Required fields are marked