Scroll Top

Spyware Apps on Google Play compromise privacy of 1.5 Million users, sending data to China


In a concerning development, two file management apps on the Google Play Store have been identified as spyware, posing a serious risk to the privacy and security of up to 1.5 million Android users. These malicious apps engage in deceptive behavior, covertly collecting sensitive user data and transmitting it to malicious servers in China.

The discovery of this infiltration was made by Pradeo, a leading mobile security company. Their recent report reveals that both spyware apps, namely File Recovery and Data Recovery ( with over 1 million installations, and File Manager ( with over 500,000 installations, are developed by the same group. Despite appearing harmless, these Android apps employ similar malicious tactics, automatically launching themselves when the device reboots without user consent.

Contrary to the claims made by the apps on the Google Play Store, where they assure users that no data is collected, Pradeo’s analytics engine has discovered that various personal information is collected without users’ knowledge. The stolen data includes contact lists, media files (such as images, audio files, and videos), real-time location, mobile country code, network provider details, SIM provider network code, operating system version, device brand, and model. Of significant concern is the substantial volume of data being transmitted by these spyware apps. Each app initiates over a hundred transmissions, indicating a high level of malicious activity. Once collected, the data is sent to multiple servers in China, all of which have been identified as malicious by security experts.

To exacerbate the situation, the developers of these spyware apps have employed cunning techniques to appear more legitimate and make uninstallation challenging. Through the use of install farms or mobile device emulators, hackers artificially boosted the number of app downloads, creating a false sense of trustworthiness. Furthermore, both apps possess advanced permissions that enable them to hide their icons on the home screen, making it arduous for unsuspecting users to uninstall them.

In light of this disturbing discovery, Pradeo provides crucial security recommendations for both individuals and businesses. Individuals are advised to exercise caution when downloading apps, especially those lacking ratings or claiming a significant user base. It is of utmost importance to carefully read and comprehend app permissions before accepting them to prevent breaches like these. Organizations, on the other hand, should prioritize employee education on mobile threats and implement automated mobile detection and response systems to safeguard against potential attacks.

This incident serves as a stark reminder of the ongoing battle between cybersecurity experts and malicious actors who exploit unsuspecting users. Malware and spyware attacks continue to evolve, finding new avenues to infiltrate trusted platforms like the Google Play Store. As users, it is crucial to remain vigilant, exercise caution when downloading apps, and rely on reputable sources for software.

Together, let us stay informed, adopt best practices, and work towards a safer digital environment.

Related Posts

Leave a comment

You must be logged in to post a comment.
Privacy Preferences
When you visit our website, it may store information through your browser from specific services, usually in form of cookies. Here you can change your privacy preferences. Please note that blocking some types of cookies may impact your experience on our website and the services we offer.