Two highly-downloaded applications from the Google Play Store are putting some 1.5 million users at risk as cybersecurity analysts warn of them as spyware, compelling affected users to remove them right away.

Leading mobile cybersecurity firm Pradeo, via an alert, names the apps as “File Manager” and “File Recovery & Data Recovery”—both coming from the same developer known as Wang Tom.

The programs in question are identified as having to function automatically (without user input), while silently sending user data to servers located in China.

According to the screenshot taken by Pradeo as part of its report, File Recovery & Data Recovery already had over a million downloads while File Manager—not to be confused with any other apps that may bear the same label but from different developers—had roughly 500,000.


Via Pradeo’s analysis engine, it is found that the apps are exfiltrating the following data—contacts on email and social network, contacts on phone, user’s real-time location, the app-compiled audio and video, device’s brand and model, name of network provider, country code for mobile, and version number of the operating system.

The gathering and exfiltration of the data come without the users’ consent and contrast the developer’s claim of not doing the collection of information.

Although, by design, the function stated above may be critical in optimizing performance and guaranteeing compatibility across devices, the extent to which the applications are taking the measures is considered unnecessary as far as data recovery and file management operations are concerned.

Pradeo notes that each application is capable of transmitting over a hundred times, carrying volumes of data “so large, they are “rarely observed.”

Leave a comment

Your email address will not be published. Required fields are marked *