google Play Protect checks that apps in the Play Store are malware-free. It also checks third-party apps to protect against viruses on android devices. But it turns out that there are other ways to steal user data besides spreading malware. These two malicious apps are already removed from Google Play. So it's better to check whether they are on your phone.
Pradeo security firm said that two apps in the Play Store have collected huge amounts of user data, despite their claims to the contrary. More than 1.5 million people have downloaded these Wang Tom applications. At least 1 million people have downloaded File Recovery and Data Recovery (com.spot.music.filedate), while more than 500,000 people have downloaded File Manager (com.file.box.master.gkd).
The Play Store listings for both apps falsely claimed that they collect no user data. But these apps even violated the European Union's General Data Protection Regulation (GDPR), which requires that the collected personal data should have an option for removal. The security firm found that these apps were sending stolen user data to China. The data included: contact lists, media files (images, audio, video), real-time user location, mobile country code, network carrier info, SIM provider network code, and OS version number. This left the system vulnerable to attacks such as the Pegasus spyware.
Gizchina News of the week
How these malicious apps work
To ensure the activation of the malicious apps, they required extra rights to force the device to restart. After the restart, the apps started malicious operations without user input. Plus, both apps made deleting them from an infected phone difficult, as their icons are not on the home screen.
Google confirmed the removal of these two malicious apps from the Play Store. The latter said that Google Play Protect protects Android devices running Google Play Services from known malicious apps, even if they come from external sources. These apps should be removed if they are still present on a user's phone, as they can still be dangerous.
Pradeo also made a number of suggestions to improve user security. One is to avoid apps with few or no reviews. Another is to check permissions before approving them. A third is to pay attention to user reviews, as they often reveal the true character of an app. Another piece of advice is to observe how apps work, such as their impact on battery life or if they cause overheating. Plus, looking at user reviews and doing an online search could shed light on the sources of software.