Due to spyware, the privacy and security of 1.5 million Android users are at risk with two file management apps that are available on the Google Play Store. These apps engage in deceptive behavior and secretly send sensitive user data to China. The infiltration was discovered by Pradeo, a mobile security company. The report reveals that both spyware apps, called File Recovery and Data Recovery and File Manager, are created by the same group and automatically activate when the device restarts without any user input. Despite their claims on the Play Store, the apps gather various personal information without users’ knowledge, such as contact lists, media files, location, and device details.
The significant amount of data transferred by these apps is particularly concerning. Each app conducts over a hundred transmissions, which is considerable for malicious activities. After collecting the data, it is sent to multiple servers in China that are deemed malicious. To appear more legitimate and difficult to uninstall, the developers of these spyware apps have employed sneaky techniques. They artificially boosted the number of downloads by using install Farms or mobile emulators and concealed their icons on the home screen.
Pradeo suggests that individuals exercise caution when downloading apps, especially those with no ratings. It is crucial to read and understand app permissions to prevent breaches. Organizations should educate their employees about mobile threats and establish automated detection and response systems. This incident emphasizes the ongoing battle between cybersecurity experts and malicious actors. Users must stay vigilant, exercise caution while downloading apps, and rely on reputable sources for software.
Source: Hackernews
To mitigate potential threats, it is important to implement additional cybersecurity measures with the help of a trusted partner like INFRA www.infrascan.net or you can try your self using check.website.