Chinese spyware in the Play Store!

Pradeo, a mobile cybersecurity company, has announced that it has discovered two different spyware apps in the Google Play Store.

Both apps appear to serve the purpose, but in reality, they consistently steal significant amounts of user data in the background. Pradeo claims that these applications are programmed to run without user intervention.

1 a 2

These two spyware applications come from the same Chinese developer, "wang tom". Pradeo has revealed that both applications obtain a significant amount of information about the user, including their contacts and personal pictures or videos, and even their current location in real time.

These spware applications can run continuously in the background, constantly transferring the collected data to a server in China without the user's knowledge. Here is the full list of stolen data:

• A list of user names from the device itself and all connected accounts, such as emails, social networks...
• Media collected in the app: images, audio and video content
• Real-time user location
• Mobile country code
• Name of network provider
• Network code of the SIM provider
• The version number of the operating system that can lead to the exploitation of a vulnerable system similar to the Pegasus spyware
• Make and model of the device

The number of app downloads seems high, but Pradeo claims that hackers can use an Android device emulator to prove that the app is trustworthy. The app review section did not contain any comments, but the app itself had around 500,000 - 1 million downloaders.