Some apps from the Play Store are used for purposes beyond what needs to be used. Google has removed dozens of applications to collect data and send it to affiliates US intelligence.
According to a new report in The Wall Street Journal, the latest round of malware includes a software development kit (SDK) that sends data to a security contractor with links to the U.S. intelligence community.
The company is responsible for data collection
At the center of the operation is the Panamanian company Measurement SystemsWith little known SDKs that do not include any useful features, developers pay $ 100 to $ 10,000 a month or more to add to your software.
According to AndroidAuthority, the SDK has been used in various Muslim prayer applications, weather applications, speed detection applications, and more. In total, the compromised apps are believed to have been downloaded more than 60 million times.
Measurement systems told developers to collect data for Internet service providers, energy companies and financial service providers. Interestingly, and with a link to US intelligence, the company told developers it was particularly interested in data in the Middle East, Asia and Central and Eastern Europe – regions that advertising agencies generally do not prioritize. Richer than the United States or Western Europe. For example, one of the meteorological applications has a large user base in Iran, which is a major target of US intelligence efforts.
Data was collected on alleged applications in support of US intelligence
While the SDK is active, it collects large amounts of data, including accurate location, phone number, email, and nearby devices.. The SDK had full access to the system clipboard, including all stored passwords.
Additionally, the SDK can check certain parts of the file system in which WhatsApp downloads and stores files. Researchers do not believe SDK will open files, but can use a hashing algorithm to match them with interesting files. This further supports the belief that US intelligence is behind measurement systems as WhatsApp uses end-to-end encryption.
The malware was first discovered by co – founders of mobile app security company AppCensus, Serge Egelman and Joel Reardon, who wrote that the malware was “the most privileged-aggressive SDK they’ve seen in six years of mobile app exploration.”
After Egelman and Reardon reported the problem, Google took immediate action to remove the offensive apps from the Play Store. Interestingly, although Google has done nothing to explain this behavior, measurement systems seem to have stopped collecting SDK data.
Looks like the measurement systems have disabled the function. Google also said that applications could be re-listed once developers have removed the SDK. Below you will find a list of known applications with SDK, remove them immediately and wait for them to be re-listed in the Play Store.
- Speed camera radar;
- Al-Mosin Light;
- WiFi mouse;
- QR & barcode scanner;
- Qibla Compass;
- Simple Weather & Clock Widget;
- Handcent Next SMS;
- Smart Kit 360;
- Al Quwaran MP3;
- Audiosdroid Audio Studio DAW.
“Internet evangelist. Writer. Hardcore alcoholaholic. Tv lover. Extreme reader. Coffee junkie. Falls down a lot.”