More than 1.5 million Androids users are at risk of Chinese hackers after two spyware apps were found in the Google Play Store.
Anyone with the apps File Recovery & Data Recovery and File Manager are being urged to delete them from devices manually, as they are scraping personal information.
This data includes contact lists, pictures, videos and real-time user location.
Cybersecurity firm Pradeo made the discovery and reported the malicious apps to Google – the tech giant has since removed them.
Security researchers have uncovered two spyware apps on Google Play that send user data to China – and more than 1.5 million Android owners downloaded them
Wang Tom is shown as the developer of both apps, mentioning they do not collect users’ data.
However, Pradeo found this to be false upon a deeper analysis.
Pradeo also revealed that the two apps hide their home screen icons, making finding and removing them more difficult.
The apps, updated at the end of June, also abuse the permissions the user approves during installation to restart the device and launch in the background.
And the publisher likely bloated the popularity of the apps to get more attention on Google Play, BleepingComputer reports.
Pradeo found the apps can scrape contact lists connected to email accounts, social networks and those stored on the device.
Users’ pictures, audio and video are also vulnerable, along with their location, mobile country code and network provider name.
Cybersecurity firm Pradeo made the discovery and reported the malicious apps to Google. This data being collected includes contact lists, pictures, videos and real-time user