Two spyware apps have been found in the Google Play Store. More than 1.5 million Android users who downloaded the apps are under threat from Chinese hackers.
Anyone using the apps, File Recovery & Data Recovery and File Manager, is urged to delete them from their devices because the apps collect users’ personal data.
This data includes contact lists, pictures, videos and real-time user location.
The malicious apps identified by cybersecurity firm Pradeo and reported to Google have been removed from the PlayStore, but may still be on many people’s phones.
Wang Tom, the developer of both apps, claimed that they did not collect users’ data. However, a deeper analysis by Pradeo found that this was not the case.
Pradeo also found that both apps hide the home screen icons, making it difficult to find and uninstall the app. The apps, which were updated at the end of June, also abused the permissions the user approved during installation to start the device in the background.
As BleepingComputer reports, the publisher inflated the popularity of the apps to gain more traction on Google Play.
Pradeo revealed that the apps were able to obtain contact lists linked to email accounts, social networks and what was stored on the device. Users’ pictures, audio, video, location, mobile country codes and network provider names are compromised.
To uninstall malicious apps, users need to open Settings and then select Apps to see a list of apps running on the device.
The second case in the Play Store this month
Earlier this month, Google warned Android users about a security threat that could steal banking information.
According to research by the security team at ThreatFabric, phones are infected with the fake Anatsa banking malware using apps installed on the Google Play Store. Once installed on a device, the money-stealing bug steals the credentials of users who log into mobile banking.
Hackers can then take control of a person’s account and access credentials, credit card details, bank balance and payment information, transferring funds that the account holder is less likely to notice.
“This is very difficult for banks’ anti-fraud systems to detect because the transactions are initiated from the device that the targeted bank customers regularly use,” ThreatFabric explains.
According to security researchers tracking activity at the tech company, there are more than 30,000 installations of the software using this method alone.
Source: Daily Mail,
