Google detects two malicious Apps on Play Store, used to steal user’s personal information
Google has detected two malicious apps File Recovery and Data Recovery and File Manager on the Play store. Those were used to steal user data.
Two file management apps with over 1.5 million combined downloads on Google Play, were found to be sending user data to some servers in China, confirmed mobile security firm Pradeo.
Both the apps, File Recovery and Data Recovery (com. spot. music. filedate) and File Manager (com. file. box. master. gkd), were developed by the same developer and claimed to offer file management and recovery features.
However, Pradeo detected that the apps were actually collecting a wide range of sensitive that includes Contact information, Call logs, Messages, Device location, Device ID, Browser history and App usage data and was sending those to the Chinese servers.
The data which were sent to the servers in China are considered to be malicious by security experts and reportedly those were used to to spy on users and to collect their personal information.
Of course Google has removed the apps from the Play Store, but they may still be found on some devices. So the users are recommended to immediately uninstall the apps and scan their devices for other malware.
Well, this is not the first time Google detected malicious apps on the Play Store. Before in 2022, Google had removed over 100,000 apps from the store for violating policies.
So it might happen that Google will stringent norms for uploading apps to Play Store in the coming Days.