China-Linked Spyware Discovered in Popular Google Play Store Apps, Impacting Millions of Users



Leading mobile security solutions provider, Pradeo, has recently uncovered a disturbing case of spyware hidden within two seemingly innocent apps on the Google Play Store.

The report, authored by Roxane Suau and released on Thursday, reveals that Pradeo’s behavior analysis engine detected the presence of hidden spyware in two widely downloaded applications: File Recovery and Data Recovery, boasting 1 million installations, and File Manager, with 500,000 installations.

Shockingly, these malicious apps were created by the same developer, raising concerns about the extent of the infiltration.

At first glance, these apps appeared to be harmless file management software, but upon closer inspection, Pradeo’s security researchers discovered their sinister intentions. The spyware-infected apps could launch autonomously without any user interaction, surreptitiously exfiltrating sensitive user data to several malicious servers located in China.

The impact of this discovery is significant, as these apps potentially compromised the privacy and security of up to 1.5 million users. The spyware, concealed within the apps, secretly collected an extensive range of personal data from unsuspecting victims. The information gathered included the user’s operating system version, device brand and model, real-time location, network provider details, SIM provider’s network code, mobile phone’s country code, multimedia content such as pictures, videos, and audio, as well as comprehensive contact lists encompassing all linked accounts, email addresses, and social networks.

The malicious actor behind these apps employed various techniques to mask their true intentions and appear legitimate. For instance, despite displaying a large user base, the apps surprisingly lacked any reviews. This led researchers to suspect the developer had used mobile device emulators or install farms to fabricate high installation numbers, thereby boosting the apps’ ranking on the store.

The spyware-ridden apps minimized user interaction to avoid suspicion. They were programmed to launch automatically upon system startup, enabling them to continue their illicit activities even when not actively in use. To further evade detection and prevent uninstallation, these apps remained hidden from the device’s home screen, with their icons cleverly concealed.

In response to the discovery, Google promptly removed the compromised apps from the Play Store. However, users who may have downloaded these apps from third-party stores are strongly advised to delete them immediately. Additionally, it is crucial for users to exercise caution when downloading apps, especially those lacking reviews despite boasting a substantial user base. Conducting thorough reviews of an app’s feedback can help identify potential security risks or fraudulent activity.

Moreover, organizations should take proactive measures to enhance mobile security by automating the detection and response process. Vetting apps and ensuring they comply with stringent security policies can help mitigate the risk of infiltrated spyware, safeguarding both personal and corporate data.
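A minimal static vetting check for the combination of behaviors described above (start at boot, no launcher icon, access to location, contacts and media), as an added example that is not from Pradeo's report or from this article. The mapping of those behaviors to Android manifest entries is an assumption made here, the sample manifest is constructed, and `vet_manifest` is a hypothetical helper that expects a manifest already decoded to text XML.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"
# Permissions matching the data types the article lists (assumed mapping).
DATA_PERMS = {
    "android.permission.ACCESS_FINE_LOCATION": "location",
    "android.permission.READ_CONTACTS": "contacts",
    "android.permission.READ_EXTERNAL_STORAGE": "media",
    "android.permission.READ_PHONE_STATE": "sim/network",
}
BOOT_PERM = "android.permission.RECEIVE_BOOT_COMPLETED"
BOOT_ACTION = "android.intent.action.BOOT_COMPLETED"
LAUNCHER = "android.intent.category.LAUNCHER"

def vet_manifest(xml_text):
    """Return findings for a decoded AndroidManifest.xml string."""
    root = ET.fromstring(xml_text)
    perms = {p.get(ANDROID + "name") for p in root.iter("uses-permission")}
    boot_receiver = any(
        a.get(ANDROID + "name") == BOOT_ACTION
        for r in root.iter("receiver") for a in r.iter("action"))
    has_icon = any(
        c.get(ANDROID + "name") == LAUNCHER
        for tag in ("activity", "activity-alias")
        for act in root.iter(tag) for c in act.iter("category"))
    findings = {
        "autostart": BOOT_PERM in perms and boot_receiver,
        "no_launcher_icon": not has_icon,
        "data_access": sorted({DATA_PERMS[p] for p in perms if p in DATA_PERMS}),
    }
    # Flag only the combination the article describes, not any single signal.
    findings["flag"] = (findings["autostart"] and findings["no_launcher_icon"]
                        and len(findings["data_access"]) >= 2)
    return findings

# Constructed sample manifest (not taken from the apps in the article).
SAMPLE = """<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.filetool">
  <uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED"/>
  <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION"/>
  <uses-permission android:name="android.permission.READ_CONTACTS"/>
  <uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE"/>
  <application>
    <activity android:name=".MainActivity"/>
    <receiver android:name=".BootReceiver"><intent-filter><action android:name="android.intent.action.BOOT_COMPLETED"/></intent-filter></receiver>
  </application>
</manifest>"""

if __name__ == "__main__":
    print(vet_manifest(SAMPLE))
```

A manifest check only sees what the app declares, so it complements rather than replaces behavioral analysis of the kind the report relied on.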

The recent discovery of China-linked spyware within popular apps on the Google Play Store serves as a stark reminder of the ever-present threat to mobile security. Remaining vigilant and adopting comprehensive security measures are essential in protecting user privacy and preventing unauthorized data breaches.

Key Highlights:

  • Pradeo’s security researchers uncover spyware hidden in Google Play Store apps.
  • Two popular apps, with a combined total of 1.5 million installations, found to contain malicious behavior.
  • The spyware secretly exfiltrated sensitive user data to malicious servers in China.
  • Data collected included personal information, device details, location, and multimedia content.
  • The hacker used tactics such as a fake user base and minimal user interaction to deceive users.
  • Google has removed the compromised apps, but caution is advised for users who downloaded from third-party stores.
  • Organizations should automate mobile detection and response to ensure app security compliance.
