Millions of Android users have reportedly downloaded malicious and dangerous apps on their phones as disclosed by the research team at VPNpro
The report from the research focuses on a Chinese spyware app with over 100 million users installing it. The developer behind the app gave dangerous titles with at least 50 installs.
According to VPNpro, Those apps ask for dangerous permissions and at least one of them is also hiding a malicious remote access trojan. This time the developer is Hangzghou-based QuVideo Inc and its popular app, VivaVideo.
This app, is one of the biggest free video editing apps for Android, with at least 100 million installs on Play Store. We shouldn’t be too shocked at the claims, considering that the app is one of 40 Chinese apps listed by the Indian government in 2017 as either spyware or malicious-ware,” VPNpro said.
Apps like this seek dangerous permissions with at least one of them having malicious remote access trojan. There are some permissions VivaVideo needs to function properly including the ability to read and write external drives. Though once that permission is granted, there is no limit.
Why the app needs to know your specific GPS location is, however, not clear. But you will notice that it lets you send your location data up to 14,000 times a day. “VivaVideo’s stablemate VidStatus (50 million installs) asks for a whopping 9 dangerous permissions, including GPS, the ability to read phone state, read contacts, and even go through a user’s call log. The app was flagged by Microsoft as malware, hiding the AndroRat trojan,” The research team said.
“When we checked VidStatus on VirusTotal, it came back positive. These kinds of trojans can steal people’s bank, cryptocurrency, or PayPal funds,” the team added.
Permission abuse is enough reason to delete and avoid the following apps:
- VideoVideo PRO Video Editor HD
- SlidePlus – Photo Slideshow Maker
- Tempo – Music Video Editor with Effects
- VivaCut – Pro Video Editor
- VidStatus – Status Videos and Status Downloader
Unless Google makes permission agreement mandatory, thus putting an end to user data factories as well as the installation of such apps, this danger will persist. Henceforth, be cautious of any app from China as they mostly possess predatory malware.