- Joined
- Jun 28, 2020
- Messages
- 6,777
- Reaction score
- 726
- Points
- 212
- Awards
- 2
Applications request dangerous permissions and even contain a trojan for remote access.
In recent versions of Android, Google has severely limited the resources and elements that applications have access to. However, there are many suspicious applications requesting permissions for actions that they do not require to operate. For example, specialists from VPNpro found a number of such applications in the Google Play Store, in total installed on more than 150 million devices.
The developer of the applications called VPNpro “spyware” is the Hangzhou-based Chinese company QuVideo. The developer is known for his popular VivaVideo video editor, with about 100 million installations from the Google Play Store. In 2017, VivaVideo along with 40 other Chinese applications was recognized by the Indian authorities as a malicious or spyware program.
According to experts, the applications they found from QuVideo, in particular VivaVideo, are asking for “dangerous permissions,” including permission to read and write files to external drives and access to geolocation data that the video editor does not need. We are talking about SlidePlus applications (1 million installations), as well as the paid version of VivaVideo.
In addition, QuVideo owns the Indian application VidStatus, installed on 50 million devices. The program immediately requests nine dangerous permissions, including access to geolocation data, contacts and call lists. The software is recognized as malicious by Microsoft, as it contains a hidden Trojan for remote access AndroidOS / AndroRat. Such Trojans can steal funds from bank accounts, cryptocurrency wallets and PayPal accounts.
In the Apple App Store, researchers found four applications from QuVideo - VivaVideo, SlidePlus, VivaCut, and Tempo. VivaCut and Tempo applications are also present on the Google Play Store, but other developers appear to be their publishers.
In recent versions of Android, Google has severely limited the resources and elements that applications have access to. However, there are many suspicious applications requesting permissions for actions that they do not require to operate. For example, specialists from VPNpro found a number of such applications in the Google Play Store, in total installed on more than 150 million devices.
The developer of the applications called VPNpro “spyware” is the Hangzhou-based Chinese company QuVideo. The developer is known for his popular VivaVideo video editor, with about 100 million installations from the Google Play Store. In 2017, VivaVideo along with 40 other Chinese applications was recognized by the Indian authorities as a malicious or spyware program.
According to experts, the applications they found from QuVideo, in particular VivaVideo, are asking for “dangerous permissions,” including permission to read and write files to external drives and access to geolocation data that the video editor does not need. We are talking about SlidePlus applications (1 million installations), as well as the paid version of VivaVideo.
In addition, QuVideo owns the Indian application VidStatus, installed on 50 million devices. The program immediately requests nine dangerous permissions, including access to geolocation data, contacts and call lists. The software is recognized as malicious by Microsoft, as it contains a hidden Trojan for remote access AndroidOS / AndroRat. Such Trojans can steal funds from bank accounts, cryptocurrency wallets and PayPal accounts.
In the Apple App Store, researchers found four applications from QuVideo - VivaVideo, SlidePlus, VivaCut, and Tempo. VivaCut and Tempo applications are also present on the Google Play Store, but other developers appear to be their publishers.