As detailed in a report published by Pradeo, analysts discovered two file management apps on the Google Play Store to be spyware, secretly sending the user data of 1.5 million Android users to servers in China.
The seemingly harmless spyware apps, File Recovery and Data Recovery (1 million plus installs) and File Manager (500k plus installs), are developed by the same malicious group. They assure users that no data is collected, automatically launch when the device reboots, and hide their icons on home screens.
Pradeo’s analytics engine has found stolen data to include contact lists, media files, real-time location, mobile country code, network provider details, SIM provider network code, operating system version, device brand, and model. Each app performs more than a hundred transmissions and then transmits the data to multiple servers in China which are deemed malicious.
Ted Miracco, CEO, Approov Mobile Security had this to say:
“The security issues related to this story are deeply concerning, albeit not surprising. The most fundamental problem is the false sense of security that consumers and businesses have related to app stores like Google Play (and Apple’s Appstore) in terms of actually protecting devices and individuals from these malicious apps.
“Both Apple and Google are actively promoting their security efforts at developer conferences, achieving record profits and sales while many of the apps available have huge discrepancies between their stated privacy policies and the actual information and data collected. These include both legitimate mainstream apps, that bend the rules without apparent consequences, and malicious apps that engage in deceptive behavior, claiming not to collect data while secretly doing so.
“App marketplaces must prioritize the implementation of more robust security measures to detect and prevent the infiltration of malicious apps that compromise user data. It is also important for users to remain vigilant in protecting their devices and for businesses to be extremely wary of deceptive and modified apps that can compromise their data and their employers’ data.
“The fact that the data is being sent to malicious servers in China compounds the gravity of the threat while making it extremely difficult for consumers and businesses to mitigate the repercussions and long term damage that might occur from the stolen data. It also highlights the complex global nature of cyber threats and the importance of international collaboration in addressing such issues.
“Cooperation between security experts, app stores, and law enforcement agencies is vital to combatting these malicious activities and safeguarding user data, yet it is a monumental task that may take decades to be resolved, due to the complexity and competing global agendas.”
This illustrates why you shouldn’t just install anything on your Android or iPhone: you simply don’t know what the apps do and where your data is going.
Five Eyes’ Intelligence Chiefs Accuse China Of IP Theft And ‘New Cold War’
Posted in Commentary with tags China, Five Eyes on October 19, 2023 by itnerd
In an “unprecedented” joint call by the Five Eyes on Tuesday, the intelligence chiefs of the countries accused China of intellectual property theft and using AI for hacking and spying against their nations and called for private industry and academia to help counter those threats.
“China has long targeted businesses with a web of techniques all at once: cyber intrusions, human intelligence operations, seemingly innocuous corporate investments and transactions. Every strand of that web had become more brazen, and more dangerous,” FBI Director Christopher Wray said.
The FBI and the White House sent a warning Tuesday about how technology is being used dangerously, calling it the “new Cold War.”
This meeting comes shortly after the Biden administration issued new restrictions on companies exporting AI technology to China and other countries.
Despite China having a bigger hacking program than that of every other nation combined, the Chinese government spokesman Liu Pengyu said the country was committed to intellectual property protection and denied the “groundless” allegations.
Ted Miracco, CEO, Approov Mobile Security had this comment:
“Statements from the intelligence communities at the Five Eyes countries are a positive recognition of the persistent threat of Chinese espionage. However, this escalation is coming years, perhaps decades, after we had known about the blatant theft of intellectual property from China.
“As open societies, we face significant challenges in competing against a closed society like China in the field of AI. China has a centralized governance structure, which gives it access to a large amount of diverse and centralized data, without a lot of ethical restrictions on how it will be used. In contrast, the Five Eyes countries face challenges in accessing similar volumes and types of data due to privacy concerns and legal frameworks that prioritize individual rights. China has also been aggressively investing in AI research and development, leading to a significant pool of talented scientists, engineers, and researchers.
“The Five Eyes countries have well-established innovation ecosystems, including leading universities, research institutions, and a vibrant private sector that fosters a culture of innovation which can lead to breakthroughs in AI technologies. However, the question that remains is can open societies capitalize on these innovations, safeguard individual freedoms, and protect their valuable IP over the long term?”
David Mitchell, Chief Technical Officer, HYAS follows with this comment:
“The PRC has been a cyber concern for as long as I can remember but has grown to become an existential threat over the last few years. The sheer number of motivated hacking teams, the scale of the toolsets and the coordination are unlike anything we’ve ever seen — and add AI to the equation and we have a serious problem. The private sector is not equipped to deal with such skilled nation state teams for a variety of reasons — a lack of network visibility, disjointed security platforms and understaffed organizations.
“Without improvements in our security posture, products, and response, along with coordination between the private sector and government, it is hard to see this threat dissipating anytime soon.”
While China isn’t the only state actor that is out to steal all the IP that it can get, it is the biggest. Thus the threat that China poses must be taken seriously, along with doing everything possible to stop them from profiting from their desire to steal all the IP that they can.