Google purges 24 Android apps that abuse user data

News
By Thomas Dougherty
published

The apps also harboured malware and rogueware and were all linked to Chinese tech firm Shenzhen HAWK

Google has removed 24 apps (totaling 382 million active installations) suspected of unethical data practices from the Google Play Store.

“If we find behavior that violates our policies, we take action,” said Google in response to a report published by VPNpro earlier this week.

The tarnished apps stem from five different developers, all offshoots of Shenzhen HAWK - a Chinese tech company with a history of releasing apps infected with malware and rogueware.

Shenzhen HAWK’s mega parent company the TLC Corporation has since responded to Google’s action, claiming to be “actively working” with developers “to better understand their concerns”.

The TLC Corporation - which is partially owned by the Chinese state - also referenced plans to hire an outside security consultant to protect its consumers from insecure data practices.

RELATED RESOURCE

Building a modern information governance strategy

How to rethink your approach to develop a more modern information governance strategy

FREE DOWNLOAD

Despite the TLC Corporation’s promise thousands, potentially millions of Android users remain at risk for having their data tampered with.

Last year, UK mobile research firm Upstream reported the danger lurking behind the Shenzhen HAWK’s seemingly innocent Weather Forecast app: “It collects and transmits geographic locations, email addresses, IMEIs to a server in China and has a number of privacy invasive permissions on the device. Had it not been blocked it would have succeeded to subscribe users on Alcatel phones in countries like Brazil, Malaysia and Nigeria to paid services for which users would have been billed more than $1.5 million.”

These apps have been accused by VPNpro of “seeking dangerous permissions”, which include giving unsolicited Chinese servers access to users’ locations, cameras, and mobile accounts, among a number of other concerning factors.

“There are quite a lot of financially lucrative things, legal or illegal, that app developers can do with user data,” added Upstream’s initial report.

Bluetooth hijack bug among 25 Android flaws patched in February Best antivirus for Android 2021: Bitdefender, Norton, Kaspersky and more What is Breach and Attack Simulation (BAS)?

The 24 Shenzhen HAWK apps removed from the Google Play Store range from offering storage cleaning services and file management, to a selfie camera and games.

Thomas Dougherty