Even though the Play Store is typically a reliable source for obtaining apps for Android smartphones, occasionally rogue programmes manage to enter the app store. File Recovery & Data Recovery and File Manager are the most recent dubious applications that were discovered lurking on the Play Store.
According to cyber security firm Pradeo, 1.5 million consumers downloaded these apps from the same developer. Although they appear to be file management apps, they are spyware that secretly sends user information to servers in China.
More than a million customers downloaded File Recovery and Data Recovery, compared to 500,000 who installed File Manager. The apps said they wouldn’t gather any data from devices, but Pradeo discovered that this was an untrue statement.
The fact that the apps said that any data obtained would not be destroyed even at the user’s request, which is against data protection rules, is equally troubling.
According to Pradeo’s investigation, the apps gathered personal information like:
Contacts saved in the device
Email and social network contacts
Pictures, audio, and videos compiled in the app
Real-time user location
Name of the network provider
Operating system version number (possibly to exploit vulnerabilities)
For file management and data recovery activities, the majority of this information is not necessary. The apps do not request the user’s consent before gathering this information. Additionally, the apps conceal their home screen icons, making it more difficult to remove them. Both applications transfer data over a hundred times each, which is an alarmingly high number.
File Recovery & Data Recovery and File Manager adopt a strategy in which the victim’s device restarts and the malicious apps start up in the background. This is done because malicious apps frequently need user input for effective attacks.
The apps were only recently deleted from Google Play, according to a Bleeping Computer report. It goes without saying that you should remove these apps from your phone as soon as possible. You can delete them from the app list in settings if you don’t see them on the home screen.