Security News > 2020 > November > Baidu Android apps caught leaking sensitive data from devices
Discovered by cybersecurity firm Palo Alto Networks, two apps from Chinese tech company Baidu were found leaking certain data from the devices.
With the aid of machine learning-based spyware detection, researchers at Palo Alto Network's Unit 42 security arm found multiple Android apps on Google Play that were leaking data.
"The reported issues had been addressed in the newest version of apps before Unit 42 reached out for its research. Baidu App and Baidu Maps were not removed from the Google Play store for the findings in this research. Baidu App has returned to the Play Store as of November 19. Similar to Baidu App, we are working to update Baidu Maps in accordance with Google's guidelines and expect that the app will return to Google Play in early December."
Beyond giving up the MAC address and IMSI numbers, some Android apps have been discovered leaking other types of data, including the phone model, screen resolution, carrier, network type Android ID, and the IMEI number.
Users should be aware and consider why certain apps are free, according to Miller-Osborn, pointing out that usually Android app developers are monetizing something.