Data Recovery App Malware On Play Store Went Undetected For a Long Time With 15 Million Installs

Unfortunately, it is anything but unusual for malware apps to appear in the Google Play Store and to be downloaded and installed by unsuspecting users. As a rule, however, they are discovered relatively quickly and withdrawn from circulation. Not so in the present case.

In this specific case, the harmful intentions of the creators went unnoticed across a total of 1.5 million installs. That is how many Android users downloaded the applications “File Recovery and Data Recovery” (com.spot.music.filedate) and “File Manager” (com.file.box.master.gkd). The first had around a million downloads, the second around 500,000 installations.

The fake apps were discovered by Pradeo security researchers. They explain: “(The apps) are programmed to be launched without user interaction and to secretly forward users’ sensitive data to various malicious servers in China. We informed Google of the discovery before publishing this message.”

Massive data tapping

This contradicts the information provided by the two apps, which have since been deleted. Their descriptions state that no data is collected on users’ devices, which is not true in practice. The amount of data collected is quite large, one can even speak of enormous. The experts at Pradeo list the following points:

  • Contact lists of users of the device itself and from any connected accounts such as email, social networks, etc.
  • Media assembled in the application: images, audio, and video content
  • Real-time user location
  • Mobile phone country code
  • Network operator name
  • SIM provider network code
  • The version number of the operating system, which can help an attacker target a vulnerability in the system, as with the Pegasus spy software
  • Device make and model

According to the security researchers, each of the two applications performed more than a hundred transfers of the collected data. According to the experts, data transfers on this scale are rarely observed.
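
For defenders who want to check whether either app is still present on managed devices, here is an added example (not from Pradeo or the original article) that scans `adb shell pm list packages` output for the two package names reported above. The device IDs and sample listings are constructed, and the function names are hypothetical.

```python
# Package names as reported in the article, mapped to their store titles.
FLAGGED = {
    "com.spot.music.filedate": "File Recovery and Data Recovery",
    "com.file.box.master.gkd": "File Manager",
}

def parse_pm_list(output):
    """Extract package names from `pm list packages` output.

    Handles the plain form ("package:com.foo") and the -f form
    ("package:/data/app/.../base.apk=com.foo").
    """
    names = set()
    for line in output.splitlines():
        line = line.strip()
        if not line.startswith("package:"):
            continue  # skip blank lines and any adb noise
        entry = line[len("package:"):]
        # With -f the name follows the LAST '=' (install paths can contain '=').
        names.add(entry.rsplit("=", 1)[-1].strip())
    return names

def scan_fleet(listings):
    """Return {device_id: [(package, store_title), ...]} for devices with a hit."""
    report = {}
    for device, output in listings.items():
        hits = FLAGGED.keys() & parse_pm_list(output)  # exact-name match only
        if hits:
            report[device] = sorted((p, FLAGGED[p]) for p in hits)
    return report

# Constructed sample listings (not real device data).
SAMPLE = {
    "device-A": "package:com.android.settings\npackage:com.spot.music.filedate\n",
    "device-B": "package:/data/app/~~Qx1==/com.file.box.master.gkd-9a==/base.apk"
                "=com.file.box.master.gkd\n",
    "device-C": "package:com.example.filemanager\npackage:com.file.box.master\n",
}

if __name__ == "__main__":
    for device, hits in scan_fleet(SAMPLE).items():
        for package, title in hits:
            print(f"{device}: {package} ({title})")
```

Because both apps were removed from the store, a hit means the app was installed earlier and is still on the device.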