It turned out that the Android application downloaded a total of 1.5 million times was sending data to the server in China



Two Android apps 'File Recovery and Data Recovery' and 'File Manager' published on the Google Play store were launched in the background without user interaction and sent data to a server in China. Reported by related company

Pradeo . These apps had a total of over 1.5 million installs on the Google Play store.

Two spyware tied with China found hiding on the Google Play Store
https://blog.pradeo.com/spyware-tied-china-found-google-play-store



Apps with 1.5M installs on Google Play send your data to China

https://www.bleepingcomputer.com/news/security/apps-with-15m-installs-on-google-play-send-your-data-to-china/



Discovered by Pradeo's behavioral analytics engine, the apps were noted in their Google Play store descriptions as 'does not collect user data from the device.' However, in reality, these apps collect user data and it was impossible for users to delete the collected data.



The data collected by both apps includes ``the user's contact list such as e-mail accounts and SNS linked to the device'', ``content such as images, audio and video managed within the application'', and ``user's real-time location''. information', 'Phone number country code', 'Network provider name', 'SIM provider network code', 'OS version number', 'Device brand and model name'. These data are originally supposed to be unnecessary data for both apps that perform data recovery functions and file management.

These apps basically do not display icons on the home screen. This makes it difficult for users to uninstall. In addition, these apps can exploit the access rights approved by the user at the time of installation to restart the device and launch the app in the background at that time. In addition, stolen device data from users was sent to more than 100 different servers, all of which Pradeo reports are located in China.

Although these apps have been installed more than 1.5 million times in total, the number of user reviews on the Google Play store is very small compared to the number of downloads. seems to have been illegally inflated.' ``We strongly recommend that you check user reviews before installing an app, pay attention to the permissions requested, and only download software and apps published by reputable developers.'' I'm here.



When Pradeo reported this matter, the app was published on the Google Play store, but has since been removed from the Google Play store. Google told overseas media BleepingComputer, ``These apps have been removed from the Google Play store.Our Google Play Protect protects users and their Android devices from apps known to contain malware. is possible,” he said.

in Security, Posted by log1r_ut