Security News > 2023 > July > Apps with 1.5M installs on Google Play send your data to China

Apps with 1.5M installs on Google Play send your data to China
2023-07-06 18:43

Security researchers discovered two malicious file management applications on Google Play with a collective installation count of over 1.5 million that collected excessive user data that goes well beyond what's needed to offer the promised functionality.

The apps, both from the same publisher, can launch without any interaction from the user to steal sensitive data and send it to servers in China.

Despite being reported to Google, the two apps continue to be available in Google Play at the time of publishing.

The two apps were discovered by the behavioral analysis engine from mobile security solutions company Pradeo and their description states that they do not collect any user data from the device on the Data Safety section of their Google Play entry.

While the apps might have a legitimate reason to collect some of the above to ensure good performance and compatibility, much of the collected data is not necessary for file management or data recovery functions.

Roid apps with spyware installed 421 million times from Google Play.


News URL

https://www.bleepingcomputer.com/news/security/apps-with-15m-installs-on-google-play-send-your-data-to-china/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Google 102 256 4320 4678 741 9995