Android apps with spyware sending data to China found with over 10 lakh downloads

Google Play introduced privacy-focused ‘nutrition labels’ to improve user privacy. These labels inform users about the data collected by apps before downloading them.

However, some malicious developers have found ways to bypass these measures, leading to the theft of personal data.

Pradeo, a mobile cybersecurity company, recently discovered two apps on Google Play that contain spyware.

This spyware sends data to malicious servers in China, affecting over 1 million users.

Spyware

Pradeo, a cybersecurity firm, has discovered two apps on Google Play called "File Recovery and data recovery" and "File Manager," both published by the developer "Wang Tom."

These seemingly harmless apps have been found to contain spyware that can extract sensitive user information.

When users download the application and grant all the necessary permissions, the app starts collecting their data.

However, on their download pages, they falsely claim not to collect any user data, thereby violating data protection laws such as the GDPR.

According to Pradeo's research, the apps containing spyware collected various personal data from users' devices.

This included contact lists from the device and connected accounts, real-time user location, mobile country code, network provider name, network code of the SIM provider, as well as device brand and model.

This kind of data collection carries significant implications as it puts users at risk of privacy breaches and potential misuse of their personal information.

The research firm emphasises the significance of checking app reviews, as the absence of reviews despite high download counts can be a red flag.