Pradeo, a mobile cybersecurity company announced that they have discovered two different spyware apps available in Google Play Store. Both applications appear to be serving the purpose, but in reality, they consistently steal significant amount of user data at the background, Pradeo claims that these apps were programmed to be able to run without user’s interaction.
These two spyware apps are from the same Chinese developer, “wang tom”. Pradeo revelas that both applications acquire a significant amount of the user’s information, including in their contact list and personal pictures or videos, and even their current location information in real-time.
These spware apps can operate constantly in the background, continuously transmitting the gathered data to a server located in China without user’s knowledge. Here is the full list of stolen data.
- Users’ contact lists from the device itself and from all connected accounts such as email, social networks…
- Media compiled in the application: Pictures, audio and video contents
- Real time user location
- Mobile country code
- Network provider name
- Network code of the SIM provider
- Operating system version number, which can lead to vulnerable system exploit like the Pegasus spyware did
- Device brand and model
The download rate of the apps appears a lot but Pradeo claims the hackers might user a Android device emulator to evidence the app is trustworthy and have been downloaded by many users. The app review section didn’t include any comments but the app itself had around 500K – 1M downloads.