Google banned Apps with secret data-harvesting code including Popular Muslim Prayer Apps
Users’ information dissemination and stealing of personal data are the biggest crimes these days that many apps are accused of. In this time of booming IT industry, people are more comfortable downloading apps, learning and working digitally from distant places. But the biggest question is that if personal data and information are safe. A layman doesn’t know about these details and he keeps on downloading without conforming if the app is safe for his device. Google lately banned many apps from its play store that have reportedly been discovered to have secret data-harvesting code including famous Muslim Prayer Apps.
The revelation came from two researchers Serge Egelman and Joel Reardon who do auditing work in search of vulnerabilities in Android apps. They discovered the behavior of the piece of code and shared their finding with Google. The code is an SDK which is a Software Development Kit that is implanted on the users’ devices and can be described as malware according to one researcher.
The data-harvesting code comes from a Panamanian company that is linked to a Virginia defense contractor through web registrations and corporate records. This contractor does the network defense and cyber intelligence work for U.S. national security agencies. The Panamanian company, Measurement systems’ pays developers worldwide to incorporate the software development kits into famous consumer apps.
The code had been implanted in many apps and ran on many android devices and is found in many famous Muslim prayer apps that have been downloaded more than 10 million times and also in many consumer apps including a QR-code reading app and speed trap detection app. The code once is implanted on the user’s device, the SDK-laced programs steal personal data from the devices like phone numbers, location, and email addresses.
Google removed the apps containing the Measurement Systems’ software from the Google play store. However, the app will be relisted again on the play store if the offending software is removed and the app comes out clean. The affected apps are trying to get rid of the code and get back on the Google platform.