In July 2023, an alarming discovery shook the world of mobile cybersecurity. Two applicationsapplications AndroidAndroid seemingly harmless spyware turned out to be dangerous, putting the privacy of millions of users at risk. This case raises crucial questions about smartphone security and the protection of personal data in our digital age.
The wolf in the fold: malicious applications on the Play Store
The story begins with two seemingly banal applications: “File Recovery & Data Recovery” and “File Manager”. Available on the GoogleGoogle Play StoreStorethese applications promised to manage and recover files. On the other hand, behind this facade hid a much darker reality.
Pradeo, a company specializing in mobile cybersecurity, has lifted the veil on the true nature of these applications. Contrary to their descriptions, they were not just manipulating files. In reality, this software surreptitiously collected a multitude of users’ personal data, including:
- saved contacts;
- email addresses and contacts of social networkssocial networks ;
- photos, audio and video files;
- real-time location;
- device information (make, model, operating system).
Even more worrying, this data was then transmitted to servers based in China, without the consent or even knowledge of the users.
A worrying success: millions of users potentially affected
The scale of this threat is considerable. According to Play Store screenshots shared in Pradeo’s report, “File Recovery & Data Recovery” had over 1 million downloads, while “File Manager” had been installed around 500,000 times. In total, nearly 1.5 million Android smartphone users could have been victims of this data theft.
This success can be partly explained by the insidious strategy of the developers. The applications launched automatically without user intervention and operated in the background, making their malicious activity virtually undetectable. In addition, they hid their iconsicons on the home screen, making it more difficult to remove them.
| Application | Number of downloads |
| File Recovery & Data Recovery | + 1 000 000 |
| File Manager | ~ 500 000 |
Protecting your smartphone: good practices to adopt
Faced with this threat, it is essential to adopt a vigilant attitude. Here are some recommendations for securing your Android device:
- Regularly check the applications installed on your smartphone and delete those that you do not use or that you doubt.
- Install a reliable antivirus for Android. These tools can detect and block malwaremalware before they cause damage.
- Pay attention to the permissions requested by applications. A simple file manager app doesn’t need access to your contacts or location.
- Update your operating system and applications regularly to benefit from the latest security fixes.
- Choose applications from recognized publishers and carefully read user reviews before installing a new application.
This case reminds us that cybersecurity is an ongoing battle. Hackers and malicious developers are constantly finding new ways to circumvent the defenses in place. It is therefore essential to remain vigilant and stay informed of the latest threats to effectively protect our personal data in this ever-changing digital world.
