These Apps were Sending Data to The Cretaer's Server
Google just discarded 20 of the Android apps from the Google Play store after finding that these apps were fetching the users personal data from their devices.
These 20 applications made their way to the 100 Android devices and secretly extracting the sensitive data of the users. When Google finds out that these apps are containing the code to monitor the user’s secured data including the text messages, Location, emails, voice calls and other personal data the company immediately exiled these apps from the market.
These apps entered the rooted Android devices that are running the older version of the Android. The root status of the Android device lets the rogue apps bypass the operating system security easily. Afterwards, the apps are open to the user's personal data from where they fetch the information like text, emails, and files. These 20 applications did the same and were outsourcing the user's data to the server controlling by the developers. These apps are also fetching the data from the other apps like WhatsApp, Viber, Hike, and Telegram, which includes text messages, images, and videos. However, all these applications have encrypted the user information which is too hard for the hacker to intercept messages while in transit.
These expatriate apps used tempting utilities to grab the user attention like cleaning files and backing up the data in order to perform the surveillance activities. Google also finds the roots of the apps, from where the apps were being deployed, according to the company there are evidences showing that apps are developed by a cyber arms firm called Equus technologies.
Google also mentioned in the post on Wednesday that the researchers also found a new type of Surveillance apps “Lipizzan”. According to the company's researchers, these are two stage tools, the first stage is distributed over the Google Play as an app. Once the app is installed the spyware downloads the second stage, which is some sort of license authorization and then finally roots to the user's device to transfer the data to the spyware creator.
Google has deeply searched and examine the apps in the Google Play Store and find out the techniques used by the malware to bypass the security. Based on the information from researchers the tech giant just enrolled a new security feature named Google play protect. The Google Play Protect automatically scans the installed applications or about-to-be install apps and informs the user if found something amiss.
Joshua is a writer at MobileAppDaily and also works as a reporter for the team to keep our readers up to date. He is breaking the mobile app technology news for MobileAppDialy since 2016 and has more than 4 years of experience as a tech blogger.