500+ apps were found collecting data from Google Play devices using an undisclosed back door. The combined downloads of the 500+ apps are well over 100,000,000. Google responded quickly by removing the offending apps.
This isn't the first time apps were found collecting data using undocumented API or other hidden tricks. In fact, third party security organizations have stated a large amount of Google apps collect data in one form or another without proper permissions. Some of the apps stole call history and GPS locations.
It is believed most of the app developers were unaware of malicious data gathering, and it was the development kit published by lgenix that installed the spyware.
The company behind the popular anti-virus product Lookout for Android wrote on their blog:
It is becoming increasingly common for innovative malware authors to attempt to evade detection by submitting innocuous apps to trusted app stores, then at a later time, downloading malicious code from a remote server. Igexin is somewhat unique because the app developers themselves are not creating the malicious functionality - nor are they in control or even aware of the malicious payload that may subsequently execute. Instead, the invasive activity initiates from an Igexin-controlled server.
The apps that contain the SDK included:
Games targeted at teens (one with 50M-100M downloads)
Weather apps (one with 1M-5M downloads)
Internet radio (500K-1M downloads)
Photo editors (1M-5M downloads)
Educational, health and fitness, travel, emoji, home video camera apps
Well this sucks! hopefully the "Lookout" app scanner in Samsung phones is able to see this and block/warn.
It helps, but a lot gets through. I hate Apple, but I use an Apple phone because of this reason. When I submit an app to Apple, it takes 2-10+ days for approval. Google? An hour or less. Google has promised to make changes to reduce these issues, but the stance on security is very different.
LOL yeah - Google is openly mining and selling our personal data anyway. What do they care?!
:-/
Google has limits on what they mine and how it is used. At this point you can assume most everyone is data mining. Google has a lot of protections in place to protect that data and assure it is anonymous where these third party companies do not even disclose they are collecting data, what they collect, what they do with it, and if it is even protected and anonymous (likely neither).
I don't trust Google or anything to do with Google its all about tracking everything with them.
This really isn't Google though, this is third party apps on their store.
is great , i like , please follow me
Why? What value did you offer that made anyone interested in you?
This post has received a 2.86 % upvote from @lovejuice thanks to: @themarkymark. They have officially sprayed their dank amps all over your post rewards. GOOD TIMES! Vote for Aggroed!
@themarkymark got you a $1.75 @minnowbooster upgoat, nice! (Image: pixabay.com)
Want a boost? Click here to read more!
Congratulations! This post has been upvoted from the communal account, @minnowsupport, by Mikey from the Minnow Support Project. It's a witness project run by aggroed, ausbitbank, teamsteem, theprophet0, someguy123, neoxian, followbtcnews/crimsonclad, and netuoso. The goal is to help Steemit grow by supporting Minnows and creating a social network. Please find us in the Peace, Abundance, and Liberty Network (PALnet) Discord Channel. It's a completely public and open space to all members of the Steemit community who voluntarily choose to be there.
This post received a 4.3% upvote from @randowhale thanks to @themarkymark! For more information, click here!