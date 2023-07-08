



July 8, 2023 Swati Khandelwal Mobile Security/Spyware

Two file management apps in the Google Play Store have been found to be spyware, putting the privacy and security of up to 1.5 million Android users at risk. These apps act deceptively and covertly send sensitive user data to malicious servers in China.

Pradeo, a leading mobile security company, discovered this disturbing intrusion. This report includes both File Recovery and Data Recovery (com.spot.music.filedate) installed over 1 million times and File Manager (com.file.box.master.gkd) installed over 500,000 times. of spyware apps are being developed. by the same group. These seemingly harmless Android apps use similar malicious tactics to automatically launch on device reboot without any user input.

Contrary to claims in the Google Play Store, where both apps assure users that no data is collected, Pradeo’s analytics engine found that various personal information was collected without the user’s knowledge. bottom. The stolen data includes contact lists, media files (images, audio files, videos), real-time location information, mobile phone country code, network provider details, SIM provider network code, operating system version, device of brands and models.

Of particular concern is the large amount of data transferred by these spyware apps. Each app performs over 100 submissions, which is a significant amount for malicious activity. Once the data is collected, it is sent to multiple servers in China, which are considered malicious by security experts.

To make matters worse, the developers of these spyware apps use sneaky techniques to make them look more legitimate and harder to uninstall. Hackers have installed his farms and mobile his devices his emulators to artificially increase the number of app downloads, creating a false sense of trust. Additionally, both apps have advanced permissions to hide their icons on the home screen, making it difficult for unsuspecting users to uninstall them.

Pradeo offers security recommendations for individuals and businesses in light of this disturbing discovery. Be careful when downloading apps, especially those that have no ratings if they claim a large user base. To prevent such breaches, it is very important to read and understand any app permissions before accepting them.

Organizations should prioritize educating employees about mobile threats and setting up automated mobile detection and response systems to protect against potential attacks.

The incident highlights the ongoing battle between cybersecurity experts and malicious actors who exploit unsuspecting users. Malware and spyware attacks are constantly evolving, finding new ways to penetrate trusted platforms like the Google Play store. As a user, it is imperative to stay vigilant, be careful when downloading apps, and rely on trusted sources for software.

