Google bans apps with reported data-harvesting code2022-04-07 17:30 by Daniela
Google has removed dozens of apps from the Google Play store that were secretly collecting users' data, The Wall Street Journal reported Wednesday. The Journal said the Panamanian company that wrote the data-collecting code is linked to a Virginia defense contractor that does cyberintelligence work for US agencies.
Security researchers Serge Egelman from UC Berkeley and Joel Reardon from the University of Calgary discovered the code, passing on their findings to Google, federal regulators and the Wall Street Journal. Both confirmed that the code can "without a doubt be described as malware."
The affected apps cover a wide category of apps which includes weather apps, QR scanners, prayer apps, highway radar apps, and so on. It turns out that many of these apps used an SDK made by another company who allegedly paid these developers to use their SDK.
Though Google has pulled those apps from the Play Store, the researchers noted that they still exist on millions of devices. At the same time, they found that the SDK stopped collecting user data after their findings were revealed.
Read more -here-