Android apps caught spying on 60 million people — what to do now


Update: Not even antivirus apps are safe for you to download, so be vigilant about what you install

Google has pulled 11 apps from the Google Play store after discovering they secretly included software for harvesting user data. According to The Wall Street Journal, the apps had been downloaded to over 60 million devices.

Those apps reportedly include several Muslim prayer apps, speed trap detectors, QR code readers, weather apps and more. But despite their differences, each app contained code that could harvest sensitive user data.

Security researchers Serge Egelman from UC Berkeley and Joel Reardon from the University of Calgary discovered the code, passing on their findings to Google, federal regulators and the Wall Street Journal. Both confirmed that the code can “without a doubt be described as malware.”

The duo found that the data being harvested is said to include precise location, email addresses and phone numbers, plus data about nearby devices. The code can also apparently collect information pasted from the clipboard and scan parts of a phone’s file system, including WhatsApp’s download folder.

Fortunately, the malware can’t access the contents of those files. However, it can use a system called “compare-by-hash” to compare them against known files.

While the apps are no longer available to download on Google Play, anyone with the apps installed is still at risk. A full list is available on the security researchers' blog, but if you have the following apps installed, get rid of them right away:

  • Speed Camera Radar by Road Soft
  • Al-Moazin Lite (Prayer Times) by Parfield
  • WiFi Mouse(remote control PC) by WiFi Mouse
  • QR & Barcode Scanner by AppSourceHub
  • Qibla Compass - Ramadan 2022 by AppSourceHub
  • Simple weather & clock widget by Difer
  • Handcent Next SMS-Text w/ MMS by Handcent
  • Smart Kit 360 by Kafui Utils
  • Al Quran Mp3 - 50 Reciters & Translation Audio by RabbiApps
  • Full Quran MP3 - Ramadan 2022 - by AppSourceHub
  • Audiosdroid Audio Studio DAW by Audiosdrois OU

You might also want to uninstall any other apps from those developers just to be on the safe side.

The malware code was reportedly developed by Measurement Systems, a Panamanian company with alleged ties to a Virginian defense contractor that performs cyber-intelligence for U.S. national security agencies.

The Wall Street Journal alleges that the company paid developers to add its software development kits to apps. One developer also told WSJ that Measurement Systems claimed to be collecting data for ISPs, financial services and energy companies.

Measurement Systems has denied the allegations, telling the Wall Street Journal that “The allegations you make about the company’s activities are false. Further, we are not aware of any connections between our company and U.S. defense contractors.”

Now is as good a time as any to invest in one of the best Android antivirus apps, which can scan your phone for known threats and act accordingly. Just because an app is available on an app store doesn't mean it's safe.

At the very least, you should do a proper audit of the apps you have installed on your phone. Any apps that have been pulled from Google Play should be uninstalled right away.

Tom Pritchard
UK Phones Editor


  • Thumper33
    Handcent was never stealing data, it was flagged by Google due to a name change of the developer according to a press release several days ago. It was corrected and is now back on the Play store.

    If even half of this list are actually "stealing data" it makes you wonder what is the point of Google's checks and seal of approval for apps on the Play store.