Android Chinese Spyware Alert: Apps on Google Play Store With 1.5 Million Installs Found Sending Sensitive Data to China

The first app, "File Recovery & Data Recovery," had over a million installs, while File Manager had over 5,00,000. Both apps were uploaded by the same publisher, wang tom.

Google Play Store (File Photo)

San Francisco, July 9: Security researchers have found two malicious file management applications on Google Play Store with a collective download count of over 1.5 million that sends sensitive users' data towards various malicious servers based in China. "Our engine detected two spyware hiding on the Google Play Store and affecting up to 1.5 million users. Both applications are from the same developer, pose as file management applications and feature similar malicious behaviours," said cyber security company Pradeo.

"They are programmed to launch without users’ interaction and to silently exfiltrate sensitive users’ data towards various malicious servers based in China," it added. Defence Intelligence Agencies Warn Over Threat From Chinese Mobile Phones, Ask Units To Ensure Troops’ Families Don’t Use Them.

Both apps stated they collect no data on the Google Play website; however, the security researchers said that "both spyware collected very personal data from their targets, to send them to a large number of destinations which are mostly located in China and identified as malicious".

The stolen data includes users’ contact lists from the device itself and from all connected accounts such as email, social networks, media compiled in the application: Pictures, audio and video contents, real-time user location, mobile country code, network provider name, and more. Google Play Infiltrated by New Android Malware ‘Goldoson’, Infects 60 Apps With 100 Million Downloads.

The first app, "File Recovery & Data Recovery," had over a million installs, while File Manager had over 5,00,000. Both apps were uploaded by the same publisher, wang tom.

According to the researchers, the developers use a number of "sneaky behaviours" to boost the programme's popularity, such as generating the appearance that the software is authentic and requiring minimal user involvement to participate in criminal conduct.

(The above story first appeared on LatestLY on Jul 09, 2023 04:38 PM IST. For more news and updates on politics, world, sports, entertainment and lifestyle, log on to our website latestly.com).

Share Now

Share Now