The two applications found belonged to the same developer and had a total of 1.5 million installations.
According to information released by security firm Pradeo , malicious applications mexico number lookup located in the official Google store are programmed to launch without user interaction, silently collecting data.
Image: Available on the Pradeo website
Reports used by the company during the analysis of the apps showed that a lot of personal data was being collected and sent to different destinations, mainly in China.
Among them are:
Contact lists of users of the device itself and of all connected accounts, such as email, social networks…
Media compiled in the app: Images, audio and video content
Real-time user location
Mobile country code
Network Provider Name
SIM provider network code
Operating system version number, which can lead to vulnerable system exploitation, as the Pegasus spyware did
Device brand and model
Researchers point out that to increase the success of their actions, criminals tend to adopt specific behaviors, such as falsifying the number of installations, appearing legitimate, requiring less user interaction, through automatic startup and execution on reboot and avoiding uninstallation, hiding the icon on the home screen.
What can I do to improve security when using app stores?
Even though the apps mentioned above are no longer available on Google Play, we have found that they can still be found in places in the digital environment and there is nothing stopping others of the same type from reappearing in the official stores.