More Than 1.5 Million Android Users Are At Risk Attacked By The Chinese Spy App On The Play Store

File Manager, spy app from Wang Tom, from China. (photo: screenshot)

JAKARTA - More than 1.5 million Android users are at risk of attack by hackers from China after two spy apps were found on the Google Play Store.

Users who have File Recovery & Data Recovery and File Manager applications are advised to remove them manually from their devices, as these applications collect personal information.

The data collected includes contact lists, photos, videos, and the user's real-time location.

Cybersecurity firm Pradeo discovered this finding and reported the malicious app to Google. Since then, the tech company has removed the app.

Wang Tom is listed as the developer of the two apps and claims that the apps do not collect user data. However, after a more in-depth analysis, Pradeo found that these claims were untrue.

Pradeo also revealed that both apps hide their home screen icons, making it difficult for users to find and remove them.

Those apps, which were updated at the end of June, also abuse the permissions agreed by the user during installation to restart the device and run in the background.

In addition, the publisher may leverage the app's popularity to gain more attention on Google Play, as reported by BleepingComputer.

Pradeo found that these apps can collect contact lists linked to email accounts, social networks, and those stored on the device.

Additionally, users' photos, audio, and video are vulnerable, along with their location, mobile country code, and network provider name.

To remove such malicious apps, users need to open Settings and then select Applications to see a list of apps running on their device.

Earlier this month, Google warned Android users about security threats that could steal their bank details.

The ThreatFabric security team discovered the threat and used an app uploaded to the Google Play Store to infect the phone with a fake banking Trojan called Anatsa.

Once installed on a device, this money-stealing bug can steal credentials that can be used to authorize users logging into mobile banking.

The hacker can then take over someone's account and access credentials, credit card details, bank balances, payment information, as well as transfer funds with less chance for the cardholder to notice.

"Because these transactions were initiated from devices that are used routinely by the targeted bank's customers, it has been reported that it is very difficult for the banking anti-fraud system to detect them," said ThreatFabric, quoted by MailOnline.

According to a tech company security researcher who has tracked this activity, the bug has been installed more than 30.000 times via this method alone.