Spyware Apps on Google Play with 1.5 Million Users Data Sending to China
Latest Update

Spyware Apps on Google Play with 1.5 Million Users Data Sending to China

Posted on by Anish Bht

Around 1.5 million users have been affected by two spyware apps found on the Google Play Store.

Two Spyware Apps found on the Google Play Store have been identified as spyware, potentially compromising the privacy and security of around 1.5 million Android users. These apps engage in deceptive practices and covertly send sensitive user data to malicious servers in China.

Pradeo, a mobile security company, has made a troubling revelation through their investigation. They have uncovered that the same group is responsible for developing two spyware apps: File Recovery and Data Recovery (com.spot.music.filedate) with over 1 million installs, and File Manager (com.file.box.master.gkd) with over 500,000 installs.These seemingly harmless Android apps employ similar malicious tactics and launch automatically when the device restarts, without any user input.

Pradeo’s analytics engine discovered that both apps collect personal information without users’ knowledge, contradicting their claims on the Google Play Store. The stolen data includes contact lists, media files (images, audio files, and videos), real-time location, mobile country code, network provider details, SIM provider network code, operating system version, device brand, and model.

The significant volume of data transferred by these spyware apps is particularly alarming. Each app actively performs over a hundred transmissions, indicating a substantial level of malicious activity. Once the apps collect the data, they send it to multiple servers in China, which security experts have identified as malicious.

Flutter-Based Android Malware Strikes Your Credit Cards and 2FA Codes at Risk!

The developers of these spyware apps have used sneaky techniques to appear legitimate and make them hard to uninstall. They artificially increased the download numbers using tricks like install farms or emulators, making them seem trustworthy. Additionally, both apps have special permissions that let them hide their icons on the home screen, making it difficult for users to remove them.

In response to this discovery, Pradeo offers security advice. Users should be cautious when downloading apps, especially those without ratings but claiming a large user base. It’s crucial to read and understand app permissions before accepting them to prevent breaches like this.

For organizations, educating employees about mobile threats and setting up automated detection systems is important to protect against potential attacks.

This incident highlights the ongoing battle between cybersecurity experts and malicious actors exploiting users. Malware and spyware attacks are always evolving, finding new ways to infiltrate trusted platforms like the Google Play Store. As a user, it’s important to stay vigilant, be careful when downloading apps, and rely on reputable sources for software, according to report

Leave a Reply

Your email address will not be published. Required fields are marked *