In some unfortunate news, the Google Play Store has unveiled another mischievous duo hiding in its digital realm. A leading cybersecurity company called Pradeo was the one who made the discovery. Upon detecting this illicit behavior, Pradeo immediately alerted Google and the apps were removed from Google Play. Pradeo researchers discovered that two malicious apps contained spyware and secretly sent Android users’ private data to servers in China. Here’s what we know so far and what you can do if these apps are downloaded to your device.
CLICK TO GET KURT’S FREE CYBERGUY NEWSLETTER WITH SECURITY ALERTS, QUICK TIPS, TECHNICAL ADVICE AND EASY FEEDBACK TO MAKE YOU SMARTER
What are these apps and what do they do?
The two apps marketed themselves as file management tools and had collectively amassed over 1.5 million downloads. Both applications are called File recovery and data recovery And File manager, both from the same developer. Each app was meant to be a way for Android users to help organize files and data on their phones. Both apps also stated that no data collection takes place under their oversight.
THIS QUICK TIP HELPS YOU COPY TEXT FROM ANY IMAGE IN SECONDS
What did these malicious apps collect and share with China?
The Pradeo report found that these apps actually collect tons of private user information and share it with China without people knowing, including contact lists, media files, real-time locations, mobile country codes, network provider details, SIM card provider network codes, operating system. versions, device brands and models.
COULD SOME OF THIS $37.5M FACEBOOK SETTLEMENT BE YOURS?
Hackers’ Deceptive Tactics Behind Both Apps
The hackers behind these apps also gave the impression that they were trustworthy by using installer farms to artificially inflate the number of downloads they had. By inflating the number of downloads, they create an illusion of trustworthiness, which makes potential victims more likely to install their apps. Moreover, each app also had advanced permissions allowing them to hide their icons on an Android home screen, so uninstalling them is more difficult. This further helps the hackers maintain their presence on the victim’s device, thereby increasing the risk of unauthorized access or malicious activities.
LEARN MORE: MALICIOUS ANDROID SPYWARE DETECTED IN OVER 100 POPULAR APPS
Google’s answer to apps on the Google Play Store
We reached out to Google for comment on the two malicious apps that were discovered on the Google Play Store, and a Google spokesperson had this to say:
“These apps have been removed from Google Play. Google Play Protect protects users from apps known to contain this malware on Android devices with Google Play Services, even when those apps come from other sources outside of Play.”
DON’T PANIC: HERE’S WHAT TO DO IF APPLE THREATENS TO DELETE YOUR IPHONE PHOTOS
What if I have these apps on my Android?
You can remove apps yourself, but Google Play Protect, which is built-in malware protection for Android devices, automatically removes known malware. However, it is important to note that Google Play Protect may not be enough. Historically, it’s not 100% foolproof to remove all known malware from Android devices.
Have antivirus software on all your devices
It is possible to prevent hackers from accessing your devices if you have good antivirus software installed. Having anti-virus software on your devices will prevent you from clicking on potential malicious links that could install malware on your devices, giving hackers access to your personal information. Plus, it’s designed to tell you when there’s already malware on your device so you can get rid of it right away.
See my expert opinion on the best virus protection for your Windows, Mac, Android and iOS devices heading towards Cyberguy.com/LockUpYourTech.
HOW HACKERS ARE NOW TARGETING YOUR VOICE AND HOW TO PROTECT YOURSELF
How to uninstall an app on your Android
Settings may vary depending on your Android phone manufacturer
- Go to your Settings application
- Faucet Apps and Notifications or just apps
- Faucet See all apps
- Scroll down and find the app you want to uninstall
- Tap the app, then tap Uninstall
- To hit All right
READ MORE: ANDROID USERS AT RISK AS BANKING TROJAN TARGETS MORE APPS
How can I prevent this from happening again in the future?
Before downloading any new app on your phone, you should always be careful, even if it comes from a legitimate source like Google Play Store or App Store.
Read notices and privacy policies
This is one of the most important steps you can take before downloading an app. You want to make sure you understand exactly what kind of permissions an app has before giving out your personal information, and also be sure to read reviews carefully. Look for specificity in these reviews because sometimes hackers post generic fake reviews to make an app look legit when it isn’t. It also wouldn’t hurt to research the developer of the app to see if it’s legit.
Beware of app clones
Sometimes cyber criminals create fake or cloned versions of popular apps to trick you into downloading malware. Pay attention to app names, developer names, and reviews to make sure you are downloading the legitimate version.
Trust your instincts
If something is wrong with an app, trust your instincts. If an app looks suspicious, has bad reviews, or exhibits unexpected behavior, it’s best to err on the side of caution and avoid downloading or using it.
HOW TO HIDE PHOTOS ON YOUR IPHONE AND ANDROID FROM SNOOPS
Kurt’s main takeaways
Unfortunately, these hackers manage to trick innocent people into downloading these rogue apps, which is why we should always stay alert and research everything before downloading any app on our phones and tablets. Let’s keep our guard up and remember that a few moments of preventive research can save us from the endless headaches caused by these cunning hackers and their nefarious apps.
CLICK HERE TO GET THE FOX NEWS APP
What more could app stores do to prevent rogue apps like these from sending our private data to foreign countries like China? Let us know by writing to us at Cyberguy.com/Contact
For more of my security alerts, subscribe to my free CyberGuy Report newsletter by going to Cyberguy.com/Newsletter
Copyright 2023 CyberGuy.com. All rights reserved.