CATEGORIES
home News

Android Spyware Apps With 1.5M Installs Caught Hiding In Google Play, Delete ASAP

by Nathan OrdFriday, July 07, 2023, 11:27 AM EDT
android spyware apps with millions of installs caught hiding in google play delete asap
Time and time again, malware or malicious apps find their way to Google Play Store, infecting millions of people. In this same vein, researchers have discovered spyware with ties to China hiding in the Play Store disguised as file management apps.

This week, researchers at Pradeo discovered two spyware apps with a combined 1.5 million downloads on the Google Play Store. The apps, ‘File Recovery and Data Recovery’ and ‘File Manager,’ were found to be lying about the data they collected in the “Data Safety” section of the store. Behavioral analysis discovered that these apps were actually collecting a vast amount of sensitive data and shipping it to locations in China that were identified as malicious.

apps android spyware apps with millions of installs caught hiding in google play delete asap

This data included contact lists, media compiled in the apps, real-time location, cellular information, and device information which the researchers claim could be leveraged to determine if the device is exploitable a la the Pegasus spyware. In total, each application performed “more than a hundred transmissions of the collected data, an amount that is so large it is rarely observed.”

access android spyware apps with millions of installs caught hiding in google play delete asap

Beyond the data collection, these apps are extra concerning as they implement some deceptive practices making them more potent. Namely, the threat actors behind these apps are believed to boost their app download numbers with install farms to make the apps seem more legitimate. Further, these apps are given advanced permissions upon download so they can launch and execute automatically without user interaction. Finally, these apps also disappear from the home screen, making it a little harder to uninstall or even know it is still on your device.

As malware is oft found on the Google Play Store, the researchers at Pradeo have a few recommendations to stay safe. This includes not downloading apps with few reviews and many users, carefully reading the permissions before accepting them, and reading reviews to see if there is anything of concern. Of course, many of these apps also have legitimate counterparts from reputable brands, so we recommend digging before simply installing an app. You never know when that random app could steal and ship your data overseas.

Thankfully, Google has removed the offending applications. A Google spokesperson reached out to let us that that, "These apps have been removed from Google Play. Google Play Protect protects users from apps known to contain this malware on Android devices with Google Play Services, even when those apps come from other sources outside of Play."
Tags:  Android, Google, security, Spyware, Google Play, (nasdaq:goog)
TOP CONVERSATIONS
Your Next PC Platform?
More Results
KEEP INFORMED
SITE

Home

Reviews

News

Blogs

Full Site

Sitemap

CATEGORIES

PC Components

Systems

Mobile

IT Infrastructure

Leisure

Videos

COMPANY

About

Advertise

News Tips

Contact

Privacy And Terms

HotTech

MORE

Accessibility

Shop

STAY CONNECTED

Twitter

Facebook

YouTube

RSS

As an Amazon and Howl Technologies Associate, HotHardware earns a commission from qualifying purchases made on this site. This site is intended for informational and entertainment purposes only. The contents are the views and opinion of the author and/or his associates. All products and trademarks are the property of their respective owners. Reproduction in whole or in part, in any form or medium, without express written permission of Hot Hardware, Inc. is prohibited. All content and graphical elements are Copyright © 1999 - 2024 David Altavilla and Hot Hardware, Inc.
All rights reserved. Privacy and Terms - Accessibility Commitment