Google is a huge corporation with hundreds of services and businesses under its logo. One of the main priorities that the company voices is a safe environment for all users of their services and perfect protection of data of people who trust the services of the company and its products. Still, Google itself has been repeatedly caught in scandals about the leakage of users' data from its services. One of the most notorious is the Google data breach in 2018.
Now there is a new scandal related to the Google app service, in which hackers placed two Google Spyware Apps with a total of about 1.5 million users that unauthorizedly collected user data and sent it to servers in China, which among cybersecurity analysts, are considered malicious.
Pradeo, a prominent mobile security analytics company, has brought to light critical information regarding potentially harmful Google Spyware Apps designed for Android devices. Their recently published report highlights the detection of two concealed apps by Pradeo's advanced security engine, operating within the Google apps system. These suspicious apps, originating from an author identified as "wang tom," raise significant concerns about user privacy and underscore the urgent need for heightened vigilance against such malicious software.
The first application had about one million installations, and the second one had about half a million more.
Judging from their names, both applications were supposed to function as file managers for mobile devices. Still, according to analysts, they have all the hallmarks of malicious programs that collect and send users' data without their knowledge and consent.
The authors of the study indicated that they had notified Google of the publication of their investigation before making the data public.
According to numerous studies, 89 to 97% of users do not read the terms and conditions before installing any application. This applies to installing programs on computers and mobile devices. And one could assume that users consented to transfer their data by installing these applications and not reading the terms and conditions, but no. The applications themselves ensure that they do not collect and not distribute user data, although, as it turned out, it is not so. The algorithm of Pradeo researchers found that data collection and distribution took place without the users' knowledge. Moreover, people likely didn't know they were using these apps.
After installing these Google Spyware Apps, users may have forgotten they had installed them, but the apps still collected their data. They did this when the device was rebooted. To access all sensitive information, the user does not need to give any consent. The programs did it offline.
According to analysts, during the reboot of the device, applications performed about a hundred data transfers, which is a lot and once again indicates malicious actions. Even more frightening is the fact that among the possibly stolen information was all the personal information of the user of the mobile device, namely:
That's all the analysts have been able to determine so far. It is too early to say what purpose this data is being collected for and what criminal purposes it may be used for.
These Google Spyware Apps are no longer available for download and are most likely removed from the platform. Still, experts advise paying attention to what to watch out for when installing apps with even nominal millions of users from a supposedly safe environment. There are two major red flags to watch out for.
And, of course, no matter how long and tedious the agreement and installation terms may seem, reading them is still highly recommended.
Against the backdrop of ever-increasing threats in cyberspace, your company's security may depend on your employee's training. And since your employee can connect to the work network from their phone, they must understand the basics of cyber security. For this purpose, it is advisable to hold regular consultations with specialists and training seminars for employees to explain the key points of cyber threats and their prevention to each employee.
For your convenience, we’ve divided our blog on cyber security into several categories so that you can find necessary articles fast and effortlessly. Just choose the category that evokes your interest and enjoy reading.