Explained: What Two Android Apps Are Sending Your Data to China?

In a recent discovery, two Android apps were found to be sending user data to China. These applications have been downloaded more than 1.5 million times and pose a serious risk to the privacy and security of all their users.

These apps are: File Recovery and Data Recovery and File Manager and both of them are disguised as file management apps. The threat was detected by cybersecurity company Pradeo, which discovered that they were collecting a wide range of users’ personal data. Both apps are created by the same developer known as Wang Tom.


Source: Pradeo

This data was sent to servers in China. The firm declared “This week, our engine detected two spyware programs hidden in the Google Play Store, affecting up to 1.5 million users. “Both apps are from the same developer, pose as file management apps, and exhibit similar malicious behavior.”

File Recovery & Data Recovery has been downloaded more than 1 million times, while File Manager has been downloaded 500,000 times.

According to Pradeo’s blog, these websites launch automatically without user intervention and begin collecting user information, which is then sent to malicious servers in China.

Here is the list of sensitive data these apps collect:

  • Contact lists
  • Real time location
  • Country code
  • Network provider name
  • Media available in the app: images, audio and video.
  • Information about the make and model of the device.
  • SIM provider network code
  • Version number of the operating system, which can potentially expose the system to vulnerabilities, similar to Pegasus spyware.

In addition to collecting information, these applications do not allow users to reject or modify the data that is collected. These apps also mislead users by claiming that they do not collect any data.

While Google has removed these apps from its platform, it is still essential to safeguard your personal data. Here are some tips to help you stay safe:

  • Only download apps from trusted sources: This means downloading apps from official app stores such as Google Play Store or Apple App Store.
  • Be careful about the permissions you give to apps: When you install an app, it will ask you for certain permissions. These permissions allow the app to access certain data on your device, such as your location, contacts, or camera. Only grant permissions that are necessary for the app to work.
  • Delete unnecessary apps: Go to your device settings and delete apps you don’t use or apps that don’t show permissions.
  • Read Reviews: It is essential that you read reviews of an app before installing it to know how the app works and what data it collects.
  • Scan your device for malware regularly: There are many security apps available that can scan your device for malware. This is a good way to check for apps that may have been secretly installed on your device.

In conclusion, the two Android applications pose a serious risk to personal security. Google has removed them from the Google Play Store, but if you have already downloaded them, you should uninstall them immediately. It is important to be aware of the risks associated with inauthentic apps and be selective about the apps you install on your devices.

READ| What is the pink WhatsApp scam?

Categories: Optical Illusion
Source: ptivs2.edu.vn

Leave a Comment