Google has removed two malicious file management apps from the Google Play Store.
The apps, File Recovery and Data Recovery, and File Manager, were both published by the same developer and collected excessive user data without the user’s knowledge or consent. The data was then sent to servers in China.
The apps’ descriptions state that they do not collect any user data. However, security researchers at Pradeo found that the apps collect the following data from users:
- Contact lists from on-device memory, connected email accounts, and social networks
- Pictures, audio, and video that are managed or recovered from within the applications
- Real-time user location
- Mobile country code
- Network provider name
- Network code of the SIM provider
- Operating system version number
- Device brand and model
While some of this data may be necessary for the apps to function, much of it is not. Additionally, the apps collect this data without the user’s knowledge or consent.
Pradeo also found that the apps can hide their home screen icons and abuse the permissions that users grant during installation. This makes it difficult for users to uninstall the apps or see what data they are collecting.
If you have installed either of these malicious file management apps, you should uninstall them immediately. You should also scan your device for malware and change your passwords for any accounts that may have been compromised.
