Apps with 1.5M installs on Google Play send your data to China

Gandalf_The_Grey

Level 76
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,593
Security researchers discovered two malicious file management applications on Google Play with a collective installation count of over 1.5 million that collected excessive user data that goes well beyond what's needed to offer the promised functionality.

The apps, both from the same publisher, can launch without any interaction from the user to steal sensitive data and send it to servers in China.

Despite being reported to Google, the two apps continue to be available in Google Play at the time of publishing.

File Recovery and Data Recovery, identified as "com.spot.music.filedate" on devices, has at least 1 million installs. The install count for File Manager reads at least 500,000 and it can be identified on devices as "com.file.box.master.gkd."

The two apps were discovered by the behavioral analysis engine from mobile security solutions company Pradeo and their description states that they do not collect any user data from the device on the Data Safety section of their Google Play entry
 

Stenographers

Level 2
Nov 11, 2022
48
This is a good example of why you should always be very skeptical of any piece of software you install. It is sad that over a million people decided to throw caution to the wind and install whatever on their phones.
 

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
Many users assume what’s in the phone’s app store are automatically safe and malware-free. Users should take more precautions before trusting their phones.

Quote from: Google Play Store malware installed on 1.5 million Android devices - gHacks Tech News
Data Safety is mandatory information that app developers need to provide about their apps. The information that developers submit is not verified manually by Google.

Both applications had a relatively large number of downloads but no reviews. The researchers suggest that the developers of the app could have enhanced downloads artificially, for example, by using installation farms or mobile device emulators.

ESET, Lookout, McAfee, Trend Micro and Zimperium are major players in Google’s App Defense Alliance for Play Protect.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top