Two popular Android apps from Chinese tech giant Baidu caught collecting sensitive user details.
Baidu Android Apps:
In October, Two popular Android apps from Chinese tech giant Baidu, one of China’s largest technology companies, were removed from the Google Play Store.
According to Palo Alto researchers, the full list of data collected by the apps include:
- Phone model
- Screen resolution
- Phone MAC address
- Carrier (Telecom Provider)
- Network (Wi-Fi, 2G, 3G, 4G, 5G)
- Android ID
- IMSI number
- International Mobile Equipment Identity (IMEI) number
A separate app named Homestyler was also found to collect private information from users’ Android devices.
Using a machine learning-based algorithm the Palo Alto Networks team traced the data leak to the Baidu Push SDK, also said they also identified a similar data collection code in the ShareSDK developed by Chinese ad tech giant MobTech.
The Palo Alto research team said that while the collection of personal user details was not specifically forbidden by Google’s policy for Android apps.
However, after reporting the issue to Google, the Play Store security team confirmed their findings and “identified [additional] unspecified violations” in the two Baidu apps.
NortonLifeLock found the Play Store to be the primary source of malware installs (about 67.5%) on Android devices, in its recent study.
Play Store Security Measures:
Play market defenses against unwanted apps work, but still, significant amounts of unwanted apps are able to bypass them, making it the main distribution vector for unwanted apps.
In conclusion, researchers suggests security steps for the Android users to be followed:
- Permissions – Take a minute to think about whether or not it really needs that access ( including access to your camera, files, location, etc).
Does a weather app need to access your microphone? Nope. Does a wallpaper app need to access your storage? Nope. That’s a sign the app is likely a scam.
- Downloading Applications – Educate yourself on the signs of scam apps and then share that info with your kids.