Google Spyware Apps With Over Millions of Users Sent Their Data to China

Google Spyware Apps

Google is a huge corporation with hundreds of services and businesses under its logo. One of the main priorities that the company voices is a safe environment for all users of their services and perfect protection of data of people who trust the services of the company and its products. Still, Google itself has been repeatedly caught in scandals about the leakage of users' data from its services. One of the most notorious is the Google data breach in 2018

Now there is a new scandal related to the Google app service, in which hackers placed two Google Spyware Apps with a total of about 1.5 million users that unauthorizedly collected user data and sent it to servers in China, which among cybersecurity analysts, are considered malicious.

How the Illegal Activities of Google Spyware Apps Were Uncovered

Pradeo, a prominent mobile security analytics company, has brought to light critical information regarding potentially harmful Google Spyware Apps designed for Android devices. Their recently published report highlights the detection of two concealed apps by Pradeo's advanced security engine, operating within the Google apps system. These suspicious apps, originating from an author identified as "wang tom," raise significant concerns about user privacy and underscore the urgent need for heightened vigilance against such malicious software. 

 

  1. The first app File Recovery and Data Recovery - com.spot.music.filedate 
  2. The second app  File Manager - com.file.box.master.gkd. 

 

The first application had about one million installations, and the second one had about half a million more. 

 

Judging from their names, both applications were supposed to function as file managers for mobile devices. Still, according to analysts, they have all the hallmarks of malicious programs that collect and send users' data without their knowledge and consent. 

 

The authors of the study indicated that they had notified Google of the publication of their investigation before making the data public.

How Google Spyware Apps Managed to Trick Users

According to numerous studies, 89 to 97% of users do not read the terms and conditions before installing any application. This applies to installing programs on computers and mobile devices. And one could assume that users consented to transfer their data by installing these applications and not reading the terms and conditions, but no. The applications themselves ensure that they do not collect and not distribute user data, although, as it turned out, it is not so. The algorithm of Pradeo researchers found that data collection and distribution took place without the users' knowledge. Moreover, people likely didn't know they were using these apps. 

 

  • Contrary to the conventional wisdom that all cell phone apps should be visible on the screen, these two apps were hidden in the system and had no active icons, making them difficult to remove. 

 

After installing these Google Spyware Apps, users may have forgotten they had installed them, but the apps still collected their data. They did this when the device was rebooted. To access all sensitive information, the user does not need to give any consent. The programs did it offline.

What Data Google Spyware Apps Stole From Users for Illegal Use

According to analysts, during the reboot of the device, applications performed about a hundred data transfers, which is a lot and once again indicates malicious actions. Even more frightening is the fact that among the possibly stolen information was all the personal information of the user of the mobile device, namely:

 

  • Complete contact lists, including not only your address book, but also connected services and accounts.
  • Personal photos and video files from various processing applications.
  • Location data of the device user 
  • Country code of the cell phone
  • Network provider name
  • Firmware version
  • The make and model of the device itself.

 

That's all the analysts have been able to determine so far. It is too early to say what purpose this data is being collected for and what criminal purposes it may be used for.

Simple but Effective Ways to Protect Yourself From Google Spyware Apps

These Google Spyware Apps are no longer available for download and are most likely removed from the platform. Still, experts advise paying attention to what to watch out for when installing apps with even nominal millions of users from a supposedly safe environment. There are two major red flags to watch out for. 

 

  1. Lack of comments: An app can have thousands of downloads but not a single comment. This should be suspicious. 
  2. Lack of reviews: Lack of review of the application functionality on separate Internet resources and mentioning it on forums with millions of downloads should be a stop signal for you before downloading such an application. 

 

And, of course, no matter how long and tedious the agreement and installation terms may seem, reading them is still highly recommended. 

Special Recommendations for Legal Entities

Against the backdrop of ever-increasing threats in cyberspace, your company's security may depend on your employee's training. And since your employee can connect to the work network from their phone, they must understand the basics of cyber security. For this purpose, it is advisable to hold regular consultations with specialists and training seminars for employees to explain the key points of cyber threats and their prevention to each employee.

Categories

 

For your convenience, we’ve divided our blog on cyber security into several categories so that you can find necessary articles fast and effortlessly. Just choose the category that evokes your interest and enjoy reading.