Η company security Pradeo discovered two file manager apps in the Google Play Store that are spyware, and send your data to malicious servers in China.
Pradeo, a leading mobile security company, revealed that there are two spyware apps on Google Play, “File Recovery & Data Recovery” (com.spot.music.filedate) with over 1 million installs, and File Manager (com.file.box.master.gkd) with over 500.000 installs.
Both come from the same group and although seemingly harmless they use similar malicious tactics. They start automatically when the device restarts and collect various personal information without users' knowledge.
Stolen data includes contact lists, media files (images, audio and video files), real-time location, mobile country code, network provider information, SIM provider network code, operating system version, device brand and model.
To make matters worse, the developers of these spyware applications have used sneaky techniques to make them look more legitimate and make them difficult to uninstall.
Hackers artificially inflated the number of downloads of these apps with mobile emulators, creating a false sense of credibility. Additionally, both apps have advanced permissions that allow them to hide their icons on the home screen, making it difficult for unsuspecting users to uninstall them.