A detailed in a report published by Pradeo, analysts discovered two file management apps on the Google Play Store to be spyware, secretly sending the user data of 1.5 million Android users to servers in China.
Seemingly harmless Spyware apps, File Recovery and Data Recovery (1 million plus installs) and File Manager (500k plus installs), are developed by the same malicious group and assure users that no data is collected, automatically launch when the device reboots, and hides their icons on home screens.
Pradeo’s analytics engine has found stolen data to include contact lists, media files, real-time location, mobile country code, network provider details, SIM provider network code, operating system version, device brand, and model. Each app performs more than a hundred transmissions and then transmits the data to multiple servers in China which are deemed malicious.
Ted Miracco, CEO, Approov Mobile Security had this to say:
“The security issues related to this story are deeply concerning, albeit not surprising. The most fundamental problem is the false sense of security that consumers and businesses have related to app stores like Google Play (and Apple’s Appstore) in terms of actually protecting devices and individuals from these malicious apps.
“Both Apple and Google are actively promoting their security efforts at developer conferences, achieving record profits and sales while many of the apps available have huge discrepancies between their stated privacy policies and the actual information and data collected. These include both legitimate mainstream apps, that bend the rules without apparent consequences, and malicious apps that engage in deceptive behavior, claiming not to collect data while secretly doing so.
“App marketplaces must prioritize the implementation of more robust security measures to detect and prevent the infiltration of malicious apps that compromise user data. It is also important for users to remain vigilant in protecting their devices and for businesses to be extremely wary of deceptive and modified apps that can compromise their data and their employers’ data.
“The fact that the data is being sent to malicious servers in China compounds the gravity of the threat while making it extremely difficult for consumers and businesses to mitigate the repercussions and long term damage that might occur from the stolen data. It also highlights the complex global nature of cyber threats and the importance of international collaboration in addressing such issues.
“Cooperation between security experts, app stores, and law enforcement agencies is vital to combatting these malicious activities and safeguarding user data, yet it is a monumental task that may take decades to be resolved, due to the complexity and competing global agendas.”
This illustrates why you shouldn’t just install anything on your Android or iPhone. Because you simply don’t know what the apps do and where your data is going.
Like this:
Like Loading...
Related
This entry was posted on July 11, 2023 at 8:50 am and is filed under Commentary with tags Android, China. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Two File Management Apps On The Google Play Store Sending The Data Of 1.5 Million To China
A detailed in a report published by Pradeo, analysts discovered two file management apps on the Google Play Store to be spyware, secretly sending the user data of 1.5 million Android users to servers in China.
Seemingly harmless Spyware apps, File Recovery and Data Recovery (1 million plus installs) and File Manager (500k plus installs), are developed by the same malicious group and assure users that no data is collected, automatically launch when the device reboots, and hides their icons on home screens.
Pradeo’s analytics engine has found stolen data to include contact lists, media files, real-time location, mobile country code, network provider details, SIM provider network code, operating system version, device brand, and model. Each app performs more than a hundred transmissions and then transmits the data to multiple servers in China which are deemed malicious.
Ted Miracco, CEO, Approov Mobile Security had this to say:
“The security issues related to this story are deeply concerning, albeit not surprising. The most fundamental problem is the false sense of security that consumers and businesses have related to app stores like Google Play (and Apple’s Appstore) in terms of actually protecting devices and individuals from these malicious apps.
“Both Apple and Google are actively promoting their security efforts at developer conferences, achieving record profits and sales while many of the apps available have huge discrepancies between their stated privacy policies and the actual information and data collected. These include both legitimate mainstream apps, that bend the rules without apparent consequences, and malicious apps that engage in deceptive behavior, claiming not to collect data while secretly doing so.
“App marketplaces must prioritize the implementation of more robust security measures to detect and prevent the infiltration of malicious apps that compromise user data. It is also important for users to remain vigilant in protecting their devices and for businesses to be extremely wary of deceptive and modified apps that can compromise their data and their employers’ data.
“The fact that the data is being sent to malicious servers in China compounds the gravity of the threat while making it extremely difficult for consumers and businesses to mitigate the repercussions and long term damage that might occur from the stolen data. It also highlights the complex global nature of cyber threats and the importance of international collaboration in addressing such issues.
“Cooperation between security experts, app stores, and law enforcement agencies is vital to combatting these malicious activities and safeguarding user data, yet it is a monumental task that may take decades to be resolved, due to the complexity and competing global agendas.”
This illustrates why you shouldn’t just install anything on your Android or iPhone. Because you simply don’t know what the apps do and where your data is going.
Share this:
Like this:
Related
This entry was posted on July 11, 2023 at 8:50 am and is filed under Commentary with tags Android, China. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.