Two file management apps in the Google Play Store have been found to be spyware, putting the privacy and security of up to 1.5 million Android users at risk. These apps act deceptively and covertly send sensitive user data to malicious servers in China.
Pradeo, a leading mobile security company, discovered this disturbing intrusion.of report Both spyware apps i.e. File recovery and data recovery (com.spot.music.filedate) has over 1 million installs, file manager (com.file.box.master.gkd) has over 500,000 installations and is developed by the same group. These seemingly harmless Android apps use similar malicious tactics to automatically launch on device reboot without any user input.
Contrary to claims in the Google Play Store, where both apps assure users that no data is collected, Pradeo’s analytics engine found that various personal information was collected without the user’s knowledge. bottom. The stolen data includes contact lists, media files (images, audio files, videos), real-time location information, mobile phone country code, network provider details, SIM provider network code, operating system version, device of brands and models.
Of particular concern is the large amount of data transferred by these spyware apps. Each app performs over 100 submissions, which is a significant amount for malicious activity. Once the data is collected, it is sent to multiple servers in China, which are considered malicious by security experts.
To make matters worse, the developers of these spyware apps use sneaky techniques to make them appear more legitimate and harder to uninstall. Hackers have installed his farms and mobile his devices his emulators to artificially increase the number of app downloads, creating a false sense of trust. Additionally, both apps have advanced permissions to hide their icons on the home screen, making it difficult for unsuspecting users to uninstall them.
Pradeo offers security recommendations for individuals and businesses in light of this disturbing discovery. Be careful when downloading apps, especially those that have no ratings if they claim a large user base. To prevent such breaches, it is very important to read and understand any app permissions before accepting them.
๐ Privileged Access Management: Learn How to Overcome Key Challenges
Discover different approaches to overcoming the challenges of privileged account management (PAM) and leveling up your privileged access security strategy.
Organizations should prioritize educating employees about mobile threats and setting up automated mobile detection and response systems to protect against potential attacks.
The incident highlights the ongoing battle between cybersecurity experts and malicious actors who exploit unsuspecting users. Malware and spyware attacks are constantly evolving, finding new ways to penetrate trusted platforms like the Google Play store. As a user, it is imperative to stay vigilant, be careful when downloading apps, and rely on trusted sources for software.