The firm, in a recent blog post, highlighted that both applications from the same developer had been identified as posing as file management applications and exhibiting similar malicious behaviours. The two apps referred to are “File Recovery & Data Recovery” and “File Manager“.
As per the firm, the profiles of the mentioned applications on the Google Play Store claim that they do not collect data from users’ devices.
- However, the firm states that it has discovered this information to be false.
- In addition, it is stated that users would not have the ability to request the deletion of their collected data, which goes against data protection laws such as the GDPR.
As per the blog post, the findings from their analysis revealed that both spyware apps collect personal data from their targets and send it to various servers, mostly located in China. It is important to note that these apps are considered malicious and threaten users’ privacy and security.
The stolen data includes:
- The apps gather contact information from the device itself and from connected accounts like email and social networks.
- The apps also collect pictures, audio files, and videos stored on the device.
- The spyware tracks and retrieves the current location of the user.
- Information such as the mobile country code, network provider name, and SIM provider’s network code is obtained.
- The version number of the operating system is captured, which could potentially be exploited by vulnerabilities similar to the Pegasus spyware incident.
- The spyware records the brand and model of the device being targeted.
How to stay safe from spyware apps
The firm states that if you are using these applications, it is strongly advised to delete them. And it has also explained how can individuals, as well as organisations, can safeguard themselves from such scenarios.
- Be cautious when downloading apps with no or very few reviews from users.
- Reading reviews can give you insights into the true nature of an app, so pay attention to them.
- Always carefully review the permissions requested by an app before accepting them. Make sure they align with what the app should legitimately need.
- Raise awareness about the risks posed by mobile threats.
- Implement automated mobile detection and response systems to provide secure flexibility to users. This can involve vetting applications and preventing their use if they do not comply with your organisation’s security policy.