Google recently removed dozens of apps from the Play Store because they were caught siphoning user data. Among them are prayer and Qur'an applications that have been downloaded millions of times.
Security researchers from AppCensus found that these apps carry an embedded software development kit (SDK) that retrieves sensitive data from phones. The researchers even refer to this SDK as malware.
Once installed on the phone, an application that contains the SDK instantly retrieves important data about the device and its owner, including phone numbers and email addresses.
One application that carries this SDK is a QR and barcode scanner which, when downloaded, will collect user data in the form of phone numbers, email addresses, IMEI information, GPS data and router SSID.
There are also two prayer and azan applications, namely Al Moazin and Qibla Compass, which have been downloaded more than 10 million times. Both collect data such as phone numbers, router information, and IMEI.
Some other applications can also track the user's location. In total, the dozens of applications caught stealing sensitive user data have been downloaded more than 60 million times. During the month of Ramadan in particular, more and more Muslims around the world use such apps to help carry out worship.
"Databases that map a person's email and phone number against their GPS location history are daunting, as they could easily be used to run services to look up someone's location history simply by knowing their phone number or email, which could be used to target journalists, dissidents or political rivals," said Joel Reardon of AppCensus, as quoted by Gizmodo, Thursday (7/4/2022).
Apparently the company that wrote this malicious code is Measurement Systems, a Panamanian company associated with Vostrom Holdings, a company from Virginia, United States. Vostrom Holdings is a defense company involved in cyber intelligence projects with the US government.
Measurement Systems is said to be paying developers to embed the SDK in their apps to collect data without the user's knowledge. Their main target is users located in the Middle East, Asia, Central Europe, and Eastern Europe.
AppCensus already reported its findings to Google in October 2021. But the apps were only removed on March 25 after Google investigated reports from the Wall Street Journal.
But according to our monitoring, the applications that are on the AppCensus list are back on the Google Play Store. It's likely they've removed the malicious payload and been allowed back into the Play Store.
Here's a list of apps that Google removed because they were caught secretly collecting user data:
Speed Camera Radar - 10 million downloads
Al-Moazin Lite (Prayer Times) - 10 million downloads
WiFi Mouse (PC remote control) - 10 million downloads
QR & Barcode Scanner - 5 million downloads
Qibla Compass - Ramadan 2022 - 5 million downloads
Simple weather & clock widget - 1 million downloads
Handcent Next SMS-Text w/MMS - 1 million downloads
Smart Kit 360 - 1 million downloads
Al Quran Mp3 - 50 Reciters & Translation Audio - 1 million downloads
Full Quran MP3 - 50+ Languages & Audio Translation - 1 million downloads
Audiosdroid Audio Studio DAW - 1 million downloads