Get all your news in one place.
100’s of premium titles.
One app.
Start reading
Tom’s Guide
Tom’s Guide
Technology
Alyse Stanley

Android spyware with over 1.5 million downloads sends your data to China — delete these apps right now

A smartphone screen displaying the Android name and logo next to a sign reading 'MALWARE'.

Cybersecurity analysts uncovered two file management apps available on the Google Play Store that are actually spyware, putting the privacy and security of up to 1.5 million Android users at risk. So if you have one of the best Android phones with these apps installed, delete them right away.

The fishy apps are File Recovery & Data Recovery and File Manager, according to an alert this week from Pradeo, a leading mobile cybersecurity company. The apps, both from the same developer, are programmed to launch without any input from the user and quietly send sensitive user data to servers based in China. 

File Recovery & Data Recovery was downloaded more than 1 million times, and roughly 500,000 people installed File Manager, according to screenshots of their respective Play Store pages shared in Pradeo's report. Per Bleeping Computer, Google only recently kicked the apps off the Play Store. 

(Image credit: Pradeo)

While the apps say they don't collect any data from the user's device, it turns out this wasn't the case. Pradeo's behavioral analysis engine found the apps exfiltrate the following data: contacts saved in your device; email and social network contacts; pictures, audio and video compiled in the app; real-time user location; device brand and model; mobile country code; network provider name; and operating system version number. All without ever requesting permission to collect this information.

While the apps may have a legitimate reason to collect some of the data above to optimize performance and ensure compatibility across devices, most of it is not required for file management and data recovery operations. Even more alarming is the sheer amount of data being transferred while the user's none the wiser. Each app performs more than a hundred transmissions, "an amount that is so large it is rarely observed," Pradeo notes.

The apps can also abuse the permissions the user approves during installation to restart the device and quietly launch in the background. And deleting them off your phone comes with its own hoops. The apps conceal their home screen icons to make uninstallation more of a hassle, as users have to go to their application list in the Settings menu to delete them.

So if you have either File Recovery & Data Recovery or File Manager installed and you don't see them on your home screen, head to your Settings menu ASAP to get rid of them. While you're at it, consider equipping your phone with one of the best Android antivirus apps to help keep your device safe from malicious apps moving forward. Google also rolled out several new updates to its Android ecosystem in June, including a handy little security feature that lets you see if your Gmail address has been exposed on the dark web.

More from Tom's Guide

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.