Two spyware apps for Android users have been found in the Google Play Store. A new analysis shared by cybersecurity researchers has uncovered two spyware apps masquerading as file management tools. With more than 1.5 million downloads, these two apps are said to be sending user data to servers based in China.
Two spyware Android apps on Google Play Store
‘File Recovery and Data Recovery’ and ‘File Manager’ apps were found to be spyware. They were found to collect sensitive user data and send it to China. The ‘Data Security’ section of the Play Store claimed that the data was stored on the country’s servers.
According to the investigation, the data collected included contact lists, media stored in apps, real-time location data, mobile phone information and device-specific details. The researchers said the data collected could be used to track devices. Each app was observed to send more than 100 copies of the collected data.
Google has released Android 14 beta to Pixel models, and other OEMs like Xiaomi, Oppo, Vivo, and Nothing are offering it on their devices too.
What makes the File Recovery and Data Recovery and File Manager apps even more dangerous are the techniques they use. By using fake install farms that increase the number of downloads, the developers were able to stand out in the app charts. They were also found to launch automatically in the background after user permissions were obtained.
They were also found to hide their presence by removing the application icons from the device’s home screen. This made it difficult for users to both detect the applications and remove them from the device.
Researchers who contacted Google about the applications and removed them from the Play Store made a number of recommendations to increase user safety. For example, you should be wary of apps with few reviews but a high number of downloads. You should also carefully review the permissions requested by applications before granting access.
