



Google Play Protect scans apps in the Play Store before they are installed to ensure that the apps you add to your phone are free of malware. It also scans your phone to see if sideloaded apps (installed from third-party app storefronts) have infected your Android handset. However, there are other ways to steal personal data besides providing malware-laden apps.

Two Play Store apps with 1.5 million installs lied about not collecting user data

According to security firm Pradeo (via BleepingComputer), two Play Store apps with over 1.5 million installs were collecting more user data than the apps needed to do what they were supposed to do. The two apps are from the same developer, wang tom. One of the titles is “File Recovery and Data Recovery”, which appears as “com.spot.music.filedate” on devices and has been installed at least 1 million times. The other app, which has been installed at least 500,000 times, is titled “File Manager” and appears as “com.file.box.master.gkd” on the device.

These two apps had over 1.5 million total installs on the Play Store and stole user data.

The two apps, discovered by Pradeo, were listed on the Play Store as not collecting user data, which was a flat-out lie. These apps also violated the EU’s General Data Protection Regulation (GDPR), which states that personal data collected by the apps cannot be deleted. The security firm found that personal data was stolen by the apps and sent to China. The stolen data includes:

- The user’s contact list from the device itself and all connected accounts such as email, social networks, etc.
- Media edited in the application: photo, audio, and video content.
- Real-time user location.
- Mobile country code.
- Network provider name.
- Network code.
- SIM provider.
- Operating system version number, which can lead to exploitation of vulnerable systems, like Pegasus spyware.

To make sure the malicious apps were launched, additional permissions received by the apps allowed them to force the device to reboot. Once the phone rebooted, the apps were up and ready to perform malicious tasks without any user intervention. Both apps hid their icons from the home screen, making them nearly impossible to remove from infected devices.

In a statement, Google confirmed that the two apps had been removed from the Play Store, stating, “These apps have been removed from Google Play. Google Play Protect uses Google Play Services to protect users on Android devices from apps known to contain this malware, even if those apps come from sources other than Play.” Even though Google has removed the apps from the Play Store, if they are still on your device, you may run into problems. Please remove them immediately.

Security firm Pradeo lists some recommendations

Pradeo provided some recommendations, some of which we discussed earlier.

Never download an application that has no reviews even though it has thousands of users. If there are reviews, read them. Reviews usually reflect the essence of the application. Always read the permissions carefully before accepting them.
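Because both apps hid their icons, the installed-package list is a more reliable place to look than the home screen, and granted permissions can be read from the same tool. The following is an added example, not code from Pradeo or from this article: it checks `adb` output for the two package names above and for any app holding contacts, location and start-at-boot permissions together. The permission names, the `com.example.*` packages and the sample output are assumptions constructed for illustration.

```python
import re

# Package IDs named in the article above.
REPORTED = {"com.spot.music.filedate", "com.file.box.master.gkd"}

# Assumption: Android permissions matching the behaviour described (contacts,
# real-time location, running again after a reboot); the article names none.
RISKY = {
    "android.permission.READ_CONTACTS": "contacts",
    "android.permission.ACCESS_FINE_LOCATION": "location",
    "android.permission.RECEIVE_BOOT_COMPLETED": "starts at boot",
}

def installed_packages(pm_output):
    """Parse `adb shell pm list packages` lines of the form 'package:<id>'."""
    return {line.split(":", 1)[1].strip()
            for line in pm_output.splitlines() if line.startswith("package:")}

def granted_permissions(dumpsys_output):
    """Permissions marked granted=true in `adb shell dumpsys package <id>` output."""
    return set(re.findall(r"^\s*([\w.]+): granted=true", dumpsys_output, re.M))

def audit(pm_output, dumpsys_by_pkg):
    """Map package id -> reasons it deserves removal or a closer look."""
    findings = {}
    for pkg in sorted(installed_packages(pm_output)):
        reasons = ["named in the Pradeo report"] if pkg in REPORTED else []
        perms = granted_permissions(dumpsys_by_pkg.get(pkg, ""))
        if all(p in perms for p in RISKY):
            reasons.append("holds " + ", ".join(RISKY.values()))
        if reasons:
            findings[pkg] = reasons
    return findings

# Constructed sample input (not captured from a real device).
SAMPLE_PM = "package:com.android.settings\npackage:com.file.box.master.gkd\n" \
            "package:com.example.cleaner\npackage:com.example.notes\n"
SAMPLE_DUMPSYS = {
    "com.example.cleaner": "  install permissions:\n"
        "    android.permission.RECEIVE_BOOT_COMPLETED: granted=true\n"
        "  runtime permissions:\n"
        "    android.permission.READ_CONTACTS: granted=true, flags=[ USER_SET ]\n"
        "    android.permission.ACCESS_FINE_LOCATION: granted=true, flags=[ USER_SET ]\n",
    "com.example.notes": "  runtime permissions:\n"
        "    android.permission.READ_CONTACTS: granted=false, flags=[ USER_SET ]\n",
}

if __name__ == "__main__":
    for pkg, reasons in audit(SAMPLE_PM, SAMPLE_DUMPSYS).items():
        print(f"{pkg}: {'; '.join(reasons)} -> adb uninstall {pkg}")
```

A permission-only hit means the app deserves a closer look, not that it is malicious; many legitimate apps hold the same three permissions.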

Here are some tips we’ve learned over the years. If running a particular app causes your phone to heat up or drains your battery, that app is likely a risk. Rogue apps with adware may be playing ads in the background to generate revenue.

App lied to Play Store and also violated GDPR rules on user data

And we wholeheartedly agree with Pradeo’s tip: “If there are reviews, read them. Reviews usually reflect the essence of the application.” We’ve been saying that for years. If an app’s reviews raise red flags, don’t install it; just keep going and never look back. A simple rule is to check reviews for apps from developers you’ve never heard of. If you’re still not sure, Google the app’s name and see what you get.

