Google has removed hundreds of applications from its Google Play store after discovering that they have a software component that collects data covertly.
Measurement Systems S. de R.L., the Panamanian business that produced the malware, is connected to a Virginia defense contractor that offers cyber-intelligence, network protection, and intelligence-intercept operations for U.S. national-security organizations through corporate documents and online registrations.
The researchers who unearthed the code’s actions while auditing Android apps for security flaws found it inside numerous Muslim prayer apps with over 10 million downloads.
Developers were paid off
It was also present in a highway-speed-trap detection app, a QR-code reading app, and several other popular consumer apps. The researchers informed Google, a subsidiary of Alphabet Inc., federal privacy authorities, and The Wall Street Journal about their findings.
Developers worldwide were paid by Measurement Systems to put its code, a software development kit, or SDK, into their apps. According to Serge Egelman, a researcher at the International Computer Science Institute at the University of California, Berkeley, and Joel Reardon of the University of Calgary, its existence allowed the Panamanian firm to secretly collect data from its consumers.
This is malware
Modern apps frequently contain SDKs from unknown organizations like Measurement Systems, which are not audited or well understood by most developers, according to Mr. Egelman. App developers are typically enticed to include them since they provide a steady source of revenue and precise information on their targeted users.
Mr. Egelman stated that this incident emphasizes the significance of not accepting candy from strangers.
The men, who also co-founded AppCensus, a business that investigates the security and privacy of mobile applications, believe the program is the most privacy-invading SDK they’ve encountered in their six years of research. Mr. Egelman stated that it should, without a doubt, be described as malware.