Google removed two apps that illegally collected user data. The malicious apps already had over 1.5 million downloads and they were available on the Google Play Store.
The discovery was made by the cybersecurity company Pradeo. The company's analysis mechanisms identified that the 'File Manager' and 'File Recovery' applications and Data Recovery' were systems with malware that sent people's information to servers in the China.
see more
There are some dog breeds considered perfect for people…
Sweet news: Lacta launches Sonho de Valsa e Ouro chocolate bar…
According to analysts, the applications were programmed to silently steal confidential data. Therefore, they sent an alert to Google that removed the two applications from its Virtual store.
What data was collected by app malware?
The apps illegally collected personal and location data, as their specifications and terms of use described No data collected, which means that no data should be collected by the apps.
O "file manager” had 500,000 installations, while “
File Recovery and Data Recovery” already had one million downloads. The suspicion is that the developers used emulators or installation farms to give applications popularity in virtual stores.The apps contained malware, which is an smalicious software designed to inflict damages or other actions harmful to systems such as smartphones and computers.
In this way, the apps collected the following information from users who downloaded the apps:
- Contacts list (from device memory, emails and social networks);
- Images and audio and video content;
- Real-time location;
- Country area code;
- Network provider name;
- Provider network code;
- Operating system version number;
- Device brand and model.
A Pradeo reported that each application makes more than one hundred transmissions of data collected, which represents a large amount that is not always observed.
To the Bleeping Computer portal, Google said in a note this Thursday (6) that it carried out the removal of applications and that “Google Play Protect protects users against apps known to contain this malware on Android devices running Google Play Services, even when those apps come from sources other than Google Play”.