Google bans dozens of apps that were secretly gathering users’ data
India Today
Some of the banned apps include Muslim prayer apps that were downloaded more than 10 million times, a barcode scanning app and a highway speed trap detection app and others.
Google has banned dozens of apps on Play Store that were secretly harvesting users' phone numbers and other important data. Some of the banned apps include Muslim prayer apps that were downloaded more than 10 million times, a barcode scanning app and a highway speed trap detection app and others. The QR code scanning app was found to include a data-scraping code.
As per the Wall Street Journal report, the apps that are now banned from Google Play Store were found to be collecting precise location information, email and phone numbers, nearby devices and passwords. The research also revealed that an SDK developed by Measurement Systems S. De R.L could also scan for WhatsApp downloads. The company is linked to a Virginia defense contractor, which reportedly paid to develop them to include its code in their apps to extract users’ data.
The WSJ report that the invasive code found in the apps that were banned were discovered by two researchers, Serge Egelman, and Joel Reardon, who founded an organization called AppCensus, which checks mobile apps for privacy and security. The researchers revealed that they had reached out to Google with their findings in 2021.
“A database mapping someone’s actual email and phone number to their precise GPS location history is particularly frightening, as it could easily be used to run a service to look up a person’s location history just by knowing their phone number or email, which could be used to target journalists, dissidents, or political rivals,” one of the researchers, Reardon wrote in a blog post.
However, when Google was informed about the malicious software found in the apps, it did not take action immediately and yanked the apps from its Play Store only on March 25. A Google spokesperson, Scott Westover, said that the apps could be relisted if the malicious software was removed. Google said in a statement, “All apps on Google Play must comply with our policies, regardless of the developer. When we determine an app violates these policies, we take appropriate action.” Some apps that have removed the software are already back.