“These” apps with spyware are stealing your data and sending it to China, report says

Last year, Google Play was seen rolling out a feature to protect users by providing them with information about what information the apps were going to collect before they downloaded them. This was the privacy-focused “nutrition label.” But it seems that hackers and developers have discovered a technique to get around the security in order to steal user data. Security experts at mobile cybersecurity firm Pradeo claim that two Google Play apps were found to contain spyware that was transmitting information to criminal sites situated in China. The company reports that spyware-filled apps harm over 10 lakh users. Additionally, the download pages for the programme said that they did not gather data.

Through a blog post, the cybersecurity company claimed to have notified Google about this discovery. The two apps that contained the Chinese spyware are “File Recovery and Data Recovery” and “File Manager.” The two apps were notably created by the same developer, Wang Tom. These apps helped the users manage their data and, in some cases, “retrieve deleted files from your phone, tablets, or any Android devices.”

Users have been advised to delete these apps if they still have them on their devices. These apps mysteriously omitted Google Play’s requirement that apps need to disclose the data they collect. The statement in the post says, “On the Google Play Store, both the above-mentioned applications’ profiles announce that they do not collect any data from users devices, which we found to be false information. Furthermore, they announce that if data was collected, users could not request it to be deleted, which is against most data protection laws like the GDPR.”

According to reports, the cybersecurity company suggests that the apps were responsible for collecting data that included the users’ contact lists, real-time user location, mobile country code, network provider name, network code of the SIM provider, and device brand and model. This information was not only collected from the device itself but also from all the connected accounts.
These apps passed the Google Play Security Check as they seemed to offer legitimate services. Further, the firm has noted that users should go through the reviews before they download the apps. They have pointed out that in many cases, the apps show a high download count. However, no reviews accompanying it make one raise an eyebrow at it. The firm has also advised that users must “carefully read permissions before accepting them.”

Notably, the same research company found “cartoonifier” software that stole Facebook login information from users last year and had over one lakh downloads. Within the Cartoonifier app, a virus dubbed FaceStealer was found by researchers. According to reports, the trojan showed a Facebook login screen that prompted users to log in before viewing the app’s main page. The programme stood to steal the information once the user entered their credentials and transfer it to a malicious server.