In a recent revelation, two Android apps were found to be sending user data to China. These apps have been downloaded more than 1.5 million times and pose a serious risk to the privacy and security of all users.
These apps are – File Recovery & Data Recovery and File Manager and both are disguised as file manager apps. The threat was discovered by cybersecurity company Pradeo, which revealed that it is collecting various types of personal information from its users. Both apps are created by the same developer named Wang Tom.
Source: Pradeo
This data is sent to servers in China. The mentioned company “This week, our tool detected two spyware hidden in the Google Play Store and affected 1.5 million users. Both apps are from the same developer, act as file manager apps, and have similar malicious behaviors.”
File Recovery & Data Recovery has been downloaded more than a million times, while File Manager has been downloaded 500,000 times.
According to Prade’s blog, these websites automatically launch without any user input and start collecting user information, which is then sent to malicious servers in China.
Here is a list of the sensitive data these apps collect:
- contact list
- Real-time location
- With the state
- Name of network service provider
- Media available in the app – images, audio and video
- Device make and model information
- SIM card provider network code
- The operating system version number, which can potentially make the system vulnerable, is similar to the Pegasus spyware.
In addition to collecting information, these applications do not allow users to opt out or modify the data collected. These apps also mislead users by claiming that they don’t collect any data.
Although Google has removed these apps from its platform, it’s still important to protect your personal information. Here are some tips to help you stay safe:
- Only download apps from trusted sources: This means downloading apps from official app stores, such as the Google Play Store or Apple App Store.
- Be careful with what permissions you give apps: When you install an app, it asks for certain permissions. These permissions allow apps to access certain data on your device, such as your location, contacts, or camera. Grant only the necessary permissions for the app to work.
- Remove unnecessary apps: Go to your device’s settings and remove apps you don’t use or apps that don’t show permissions.
- Read reviews: It’s important to read reviews of an app before you install it so you know how it performs and what data it collects.
- Scan your device regularly for malware: There are many security apps that can scan your device for malware. This is a good way to check if any apps are secretly installed on your device.
In summary, two Android apps pose a serious risk to personal security. Google has removed them from the Google Play Store but if you have downloaded them you should uninstall them immediately. It’s important to be aware of the risks associated with apps that don’t authenticate and be selective about the apps you install on your device.
READ| What is Whatsapp Pink Scam?
Categories: Trends
Source: HIS Education