Synopsis-
“Sometimes one of many apps turns out to be a spy and tracks the user’s operation in the Android world and also sends the data to their personal server. One such event has been discovered by Pradeo where it reports that two spyware Android apps are secretly sending sensitive user data to malicious servers in China.”
Apps have been the lifeline of smartphones allowing users to have easy access to their required information. These apps are installed through a play store, be it an Android or an iOS device. Sometimes one of many apps turns out to be a spy and tracks the user’s operation in the Android world and also sends the data to their personal server.
One such event has been discovered by Pradeo where it reports that two spyware Android apps are secretly sending sensitive user data to malicious servers in China. Both spyware apps, namely File Manager (com.file.box.master.gkd) and File Recovery and Data Recovery (com.spot.music.filedate) have more than 500, 000 and 1 million installs, respectively putting the privacy and security of up to 1.5 million Android users at risk.
Why are these spyware apps harmful?
Developed by the same group, these seemingly harmful Android apps employ the same malicious tactics and automatically launch when the device reboots without user input.
In contrast to what they claim on Google Play, where both apps assure users that no data is gathered, Pradeo’s analytics engine discovered that different personal information is gathered without users’ knowledge. Contact lists, media files (images, audio files, and videos), real-time location, SIM provider network code, operating system version, mobile country code, network provider details, device brand, and model are all examples of stolen data.
Sneaky Techniques Used to Create These Apps to Make It Legitimate
To make matters more severe, the developers of these spyware apps have used deceptive techniques to make them appear more legitimate and difficult to uninstall. Hackers used install Farms or mobile device emulators to artificially increase the number of app downloads, creating a false sense of reliability. Furthermore, both apps have advanced permissions which enable them to conceal their icons on the home screen, making it difficult for inadvertently uninstalling them.
