VivaVideo “Spyware” Contains Remote Access Trojan

The vogue of web contamination continues. According to reports, it’s been found that one of the biggest free video editing apps for Android, VivaVideo has been accused of operating as a malware. The widely used app has over 100 million installs on the Play store, which is being accused as a Chinese “spyware” app. This malicious app requests a wide source of administrative vogue of web contamination continues.
According to reports, it’s been found that one of the biggest free video editing apps for Android, VivaVideo has been accused of operating as a malware. The widely used app has over 100 million installs on the Play store, which is being charged as a Chinese “spyware” app. This malicious app requests a vast source of administrative.

derivatives of vivavideo

Insights of VivaVideo

According to VPNpro, VivaVideo has a chronicle of malware. In the year 2017, Indian security personnel stated it as one of 40 apps suspected of spyware in a country-wide. As an immediate action taken for all Indian military and paramilitary troops. It was recommended to delete the intrusive apps immediately. The app is suspicious because it is developed by QuVideo Inc., a Chinese company based in Hangzhou, which has an early history of creating similar unnecessary, dangerous applications. Additionally, VPNpro found five total apps within its network.
Later on, VPNpro discovered that QuVideo has four more applications that are available on Apple’s App Store. Those four apps are listed below.
  • VivaVideo
  • SlidePlus
  • VivaCut
  • Tempo
The last two apps VivaCut Abd Tempo are published on the name of a different developer name, anonymously hiding their association with QuVideo Inc.

The Indian version of VivaVideo

Besides, the major discovery by VPNpro found that QuVideo also owns the popular Indian app called VidStatus.” The Indian version of this app has more than 50 million installs on Playstore. “VidStatus,” which is a “video status” tool for WhatsApp, asks for nine dangerous permissions, including GPS, the background data access, read contacts and calls, and even traverse through a user’s call log. The malicious application was also recognized as malware by Microsoft, comprising a Trojan known as “AndroRat. These trojans are capable of stealing people’s bank, cryptocurrency, or PayPal wallet currency claims VPNpro. It was concluded that QuVideo does not officially claim VidStatus, VivaCut, or Tempo on the Play store.
Further, VPNpro came across a new story that briefs about a major Indian social video app related to WhatsApp, known as ShareChat, which has doubtful connections to QuVideo. It becomes more suspicious when these apps share the same API key within the app file (APK).

api key

Brief History:

Because of such a background history of QuVideo. It has been defending itself from being accused as a shelter for active trojans. VPNpro recommends users to opt for better security measures to boost the performance of your phone. It is always recommended to delete them from your phones as soon as possible.
Hank Schless, Senior Security Manager at Lookout, states that major administrative permission requested by apps, such as access to location and call logs, could potentially violate major privacy regulations.
“Organizations should have a way to understand the permissions being requested by apps across their mobile fleet and blacklist apps that ask for certain permissions. For example, a healthcare organization that allows employees to use tablets to access patient data should also block any apps that request access to the device’s address book in case that could violate HIPAA. A big problem is that people don’t often review app permissions before sharing personal data with an app developer,” says Schless.
Digital security must be the top priority.

android spywqare

Key highlights:

  • Basically, QuVideo Inc is a Chinese corporation that also runs under the names Xiaojing and Hangzhou Zhuying Technology Co., Ltd. It has been found that it’s top 5 most used apps in the QuVideo network have over 157 million downloads installs.
  • In 2017, the VivaVideo app was identified as intrusive spyware by the Indian cyber forensic community.
  • Additionally, a similar app on its network, “VidStatus,” with 50 million installs, was accused by Microsoft for containing a remote access Trojan known as “AndroRat.”
  • VidStatus asks for nine armed permissions, including reading phone state, GPS location, audio-video recorder, storing call records, while its similar derivative Tempo app foolishly asks for four different location permissions.
  • Two of the apps ask for background data access and screen capture plus message sharing permissions, which gives an extra edge to the app for data capturing.
For concerning deep insights and detailed findings, please visit

- Advertisement -

Prashant Singh
Prashant Singhhttps://www.hackthebow.com
Prashant is a student of Computer Science and Engineering at NIT Allahabad. He is also a web pentester and cybersecurity analyst. He may be an introvert and sociable person at the same time. He loves meeting new people and he is in a journey to explore himself. Currently working as a content writer at BLARROW.TECH.

- Advertisement -

Latest articles

Related articles