Google has removed several apps used by over 50 million users from the Play Store after learning that the applications in question were harvesting users' personal information. Researchers Joel Reardon (University of Calgary) and Serge Egelman (UC Berkeley) discovered the malicious code in dozens of apps harvesting users' precise location, phone numbers, and email accounts.
Reardon and Egelman reported (via Endgadget) their findings to federal regulators and Google, which led to the company removing the apps from the Play Store. It's been reported that Measurement Systems is the company responsible for the code and is linked to defense contractors that provide cyber-intelligence to US national security agencies.
We want to believe that such a connection is harmless, but Measurement Systems has supposedly paid developers to add their wares to SDKs (development kits) to many different apps in exchange for detailed user information and payment.
Reardon states the following in the AppCensus research blog post:
"A database mapping someone's actual email and phone number to their precise GPS location history are particularly frightening, as it could easily be used to run a service to look up a person's location history just by knowing their phone number or email, which could be used to target journalists, dissidents, or political rivals."
The other fear researchers have is that even though the apps with the information harvesting code have been pulled from the Play Store, millions of users may still be using them. When the Wall Street Journal first broke the story, they reached out to Measurement Systems and received an emailed response stating: "the allegations you make about the company's activities are false. Further, we are not aware of any connections between our company and U.S. defense contractors, nor are we aware of… a company called Vostrom. We are also unclear about Packet Forensics or how it relates to our company."
Reardon and Egelman compiled a list of the harvesting apps users should make sure to remove immediately from their devices.
List of data-harvesting apps
- Speed Camera Radar
- Al-Moazin Lite (Prayer Times)
- WiFi Mouse(remote control PC)
- QR & Barcode Scanner
- Qibla Compass – Ramadan 2022
- Simple weather & clock widget
- Handcent Next SMS-Text w/ MMS
- Smart Kit 360
- Al Quran Mp3 – 50 Reciters & Translation Audio
- Full Quran MP3 – 50+ Languages & Translation Audio
- Audiosdroid Audio Studio DAW – Apps on Google Play
We will keep tabs on this developing story and update this list if it continues to grow.
Stay in the know with Laptop Mag
Get our in-depth reviews, helpful tips, great deals, and the biggest news stories delivered to your inbox.
Mark has spent 20 years headlining comedy shows around the country and made appearances on ABC, MTV, Comedy Central, Howard Stern, Food Network, and Sirius XM Radio. He has written about every topic imaginable, from dating, family, politics, social issues, and tech. He wrote his first tech articles for the now-defunct Dads On Tech 10 years ago, and his passion for combining humor and tech has grown under the tutelage of the Laptop Mag team. His penchant for tearing things down and rebuilding them did not make Mark popular at home, however, when he got his hands on the legendary Commodore 64, his passion for all things tech deepened. These days, when he is not filming, editing footage, tinkering with cameras and laptops, or on stage, he can be found at his desk snacking, writing about everything tech, new jokes, or scripts he dreams of filming.