We often hear that to be safe online, don’t download apps from an untrusted source. Use the google play store as your primary source for getting genuine apps. But are all the apps on the play store safe? What if hackers have managed to infiltrate the impregnable google fort? What if they have found a way to bypass the security check and steal our data? It might sound frightening but that’s the harsh reality. According to research carried out by CyberNews, there are more than 100 apps listed on play store with more than 69 million downloads which are using unfair means to collect user data. This means that data of these 69 million users are at direct risk of being stolen and being misused.
Which apps are malicious?
According to the research, 103 such apps are created by a “secret network” of 20+ developers operating allegedly from China. These apps are not just stealing your precious data, but also bombarding you with malicious ads and using your online presence to spy on you. These apps have one thing in common. Mostly all of them were cloned from a much popular app that offers the same functionality. According to the report, these clone apps use most of the code as their counterpart but with very minor tweaks that allow them to bypass the play store security.
List of some of the devious app :
|2NAD App developer||App name|
|Daniel Malley||Glitch Effect Video, Photo Editor Grainy Effect|
|Daniel Malley||Mod for Minecraft, Mods For Minecraft Animals 2019|
|Daniel Malley||Voice Changer, Voice Recorder Editor With Effects|
|Daniel Malley||Sketch Photo Editor And Pencil Sketch Art|
|Daniel Malley||Horoscope 2019 With 12 Zodiac Sign Master|
|Alex Joe||Face Makeup Camera & Beauty Photo Makeup Editor|
|Arrow Frankie||Video Editor With Music App, Video Maker Of Photo|
|Arrow Frankie||Call Recorder Automatic, Call Recording 2 Ways|
|Rusty Mari||Screen Recorder With Facecam & Audio, Video Editor|
|Rusty Mari||Nucie Cam: Beauty Selfie Camera With Photo Editor|
|Weldon Hazeltine||PDF Scanner Camera Scanner: JPG To PDF Converter|
|Weldon Hazeltine||App Locker Fingerprint, PIN And Gallery Locker|
|Weldon Hazeltine||Photo Collage Maker And Picture Grid Art Frame|
|Weldon Hazeltine||Metronome And Tuner For Instrument|
|Weldon Hazeltine||Relax Sound Sleep Music And Soothing Sounds|
|Jacinto Macias||Cut And Paste Photo Editor With Background Eraser|
|Jacinto Macias||Screen Recorder With Audio And Facecam, Screenshot|
|Jacinto Macias||App Locker With Password Fingerprint, Lock Gallery|
|Jacinto Macias||Video Maker With Music Photos, Video Effects App|
|Jacinto Macias||Photo Collage Maker And Picture Grid, Photo Layout|
|Jacinto Macias||Video Editor, Video Maker With Music Photos & Text|
|Flavia Sleeman||Video Editor With Music And Effects & Video Maker|
|Flavia Sleeman||Cut And Paste Photo Editor To Change Background|
|Flavia Sleeman||Screen Recorder, Game Recorder With Facecam, Audio|
|Flavia Sleeman||JPG To PDF Converter With Camera Scanner To PDF|
|Flavia Sleeman||Bubble Level Ruler With Inclinometer Free|
|Douglas Morace||RAR File Extractor And ZIP Opener, ZIP RAR Creator|
|Douglas Morace||Automatic Call Recorder Incoming And Outgoing App|
|Douglas Morace||App Locker With Password, Photo Gallery Locker|
|Douglas Morace||Color Call Screen Themes With Flash On Call|
|Dulcie Lawing||Glitch Effect Video Editor And Vhs Effect Photo|
What information do they collect?
They are collecting tons of information about you, which has nothing to do with the app. They are collection info regarding “ data stored within your device and other information you transmit or receive using the Application, your geographic area information using GPS, email addresses, unique device identifier, billing or shipping information”. The twist here is that they get all the information because you gave them the consent, of course unknowingly. But it is unethical for an app to collect all this information if the app has no use of it.
Is Google aware?
Yes, google lately is taking such reports very seriously. Out of these 103 apps, 59 has already been removed while others remaining still under inspection. Google also recently red-flagged quite a few chrome web extensions that were stealing crypto-currencies data. These extensions were mimicking popular cryptocurrency wallets and were stealing crypto-wallet private keys, mnemonic phrases, and other raw secrets.
How to protect it?
First of all, if you have any of the 103 mentioned apps, delete them immediately (list attached above). Secondly, though the play store has seen some a surge in malicious apps, it is still the best source to download apps. Google has been quick in red-flagging such apps and updating its policies. Downloading apps from an unknown source is a big No No. And lastly, don’t trust the apps blindly. Stay aware, look for what all information app is asking for. And assess whether that particular app needs such permission. For instance, there is no reason for a calculator app to have access to your camera. The cyber-world is filled with notorious bullies. It only takes a few unguarded steps to fall prey to them.
I would like to add my praise to such a clear depiction of the subject which will surely be of great value . Keep up the good work!