What really happened?
Google Play Store apps contain malware linked to China, raising concerns about mobile device security and privacy. Over 2 million downloads have exposed users to potential spying and data breaches, raising concerns about potential dangers.
What information did these apps gather?
According to Pradeo's blog post, the app profiles in the Google Play Store make deceptive promises about not collecting any device data. According to research, the apps harvested very sensitive personal information from its users and sent it to over a hundred malicious locations, all of which were located in China.
Data gathered by the spyware programmer included the following:
- Version of the OS
- Device type/brand
- User location in real time
- Name of the network provider
- network code for the SIM provider
- country code for cellular phones
- material including images, video, and audio
- Contact lists on the device (from all associated accounts, emails, and social networks)
How Do the Apps Trick Users?
Hackers use various strategies to make apps seem real, such as advertising vast user bases without customer reviews, operations, and minimizing user engagement. These apps can start automatically, carry out harmful activities, and are hidden on the home screen to avoid uninstallation.
How can you stay secure?
By screening apps and assessing if they respect to their security requirements, organizations should automate mobile detection and response.