Despite the measures taken by Google and Facebook, managing privacy controls is like playing a board game. Once you deprive advertisers of one way to track user activity, they’ll just as quickly find another.
Google recently removed dozens of apps from the Play Store after discovering they had a malware secretly collect data. But now the AppCensus experts have just discovered the presence of 11 new malware. Nearly half of them offer services related to the practice of Islam.
11 Android Apps to Uninstall Urgently
Hardly a week goes by without IT security engineers finding something malware in the Google Play Store. This was the case with rogue antiviruses that stole money from their victims; malware that steals cryptocurrencies; or the malicious program that could use the phone’s microphone without the user’s knowledge.
The malware of the day, discovered by AppCensus experts, is present in the following 11 infected applications:
- Speed camera radar
- Al-Moazin Lite (call to prayer app)
- Wi-Fi mouse
- QR and barcode scanner
- Qibla Compass – Ramadan 2022 (app that shows the direction of the qibla)
- Simple weather and clock widget
- Handcent Next SMS Text with MMS
- Smart Kit 360
- Al Quran MP3-50 reciters and translation audio (app to listen to the Quran)
- Full Quran MP3-50 Languages and Audio Translation (app to listen to the Quran)
- Audiosdroid Audio Studio DAW
Over 60 million downloads
These 11 malicious applications offer a wide range of services: weather, QR code reading, remote PC control, sound studio, SMS management, etc. Probably because of Ramadan, we also find in the quota various software intended for Muslims (call to prayer, direction of the qibla, listen to the Quran in mp3, etc.).
These infected applications, now removed from the play shop, contained malware capable of collecting users’ personal data without their knowledge: phone numbers, email addresses, passwords, clipboard items, conversations stored in messaging services or the history of movements via GPS location… No data escapes theft ! Most disturbingly, these applications had more than 60 million downloads in total, which are just as many potential victims.
In addition, the malware code was the work of a Panamanian company called Measurement Systems. This company that specializes in collecting statistics has paid the developers of these applications to include the code. In his research, the Wall Street Journal revealed that Measurement Systems is a subsidiary of VOSTROM, a subcontractor to several US security agencies. Following an interview request from the WSJ, VOSTROM officials decided to dissolve the company. Some of the programs in question have already modified their code and are back in the Google application store.
