At times we use mobile applications (apps), and most times, mobile applications use us! Surprised? Apps that provide us with free functionality and entertainment trade our financial details, choices, preferences, and the like. These apps can gather information even when the user explicitly chooses not to divulge it.

In 2019, researchers from the International Computer Science Institute reported that around 1300 Android apps were fetching users’ data from devices even after the user explicitly denied permission. Apps are developed to help users; lately, however, they are increasingly becoming an easy medium for phishing and cybercrime.

Indian Government banned 59 Chinese Apps

As the India-China border standoff continues at LOC, the Indian intelligence agencies red-flagged a few Chinese apps over user safety and privacy issues and recommended that the government block access to these apps. Consequently, the Indian Government imposed a ban on 59 Chinese apps last week, on the ground that these apps are engaged in activities that are prejudicial to the sovereignty and integrity of India and the security of the state and public order. The Ministry of Electronics and Information Technology (MeitY) has stated that it has received various complaints about mobile apps stealing user data and surreptitiously transmitting it, in an unauthorized manner, to servers located outside India. MeitY has issued a statement which reads as under:

“The compilation of these data, its mining and profiling by elements hostile to national security and defense of India, which ultimately impinges upon the sovereignty and integrity of India, is a matter of very deep and immediate concern which requires emergency measures,”

Can these apps be used in India after the ban?

The list includes some widely popular apps, such as TikTok, SHAREit and Club Factory, which had millions of users in India. After the ban, these apps have been removed from the Google Play Store and Apple’s App Store and hence cannot be downloaded anymore. Users who already have them on their smartphones also cannot use most of the apps anymore, as the apps have been blocked by Indian Internet Service Providers. Even if a user uses a VPN connection, the apps will not run. However, if a user redirects his/her IP address to a country where TikTok is not banned, it will run on a laptop/computer.

Google Bans 25 Apps for reportedly stealing Facebook Credentials of users

Developers of these apps regularly come up with novel methods for stealing user information. Recently, in May 2020, Evina, a French security firm, is reported to have highlighted 25 apps listed on the Google Play Store that were stealing Facebook credentials of users. Collectively, these apps had more than 2 million downloads. Consequently, Google has now removed all of them from the Play Store. The 25 apps are listed below for ready reference.

Super Wallpapers Flashlight • Padenatef • Wallpaper Level • Contour Level wallpaper iPlayer & iWallpaper • Video Maker • Color Wallpapers • Pedometer • Powerful Flashlight • Super Bright Flashlight • Super Flashlight • Solitare Game • Accurate scanning of QR code • Classic card game • Junk file cleaning • Synthetic Z • File Manager • Composite Z • Screenshot Capture • Daily Horoscope Wallpapers • Wuxia Reader • Plus Weather • Anime Live Wallpaper • Health Step Counter

As one can see, most of these apps offered free functionality, such as wallpapers, flashlights, video editing tools, daily horoscopes, card games, junk file cleaning and other similar features, to attract heavy downloads. Their functionalities differ but, according to Evina’s report, they use exactly the same method for obtaining data. When a user downloads any of these malicious apps on her/his device, the app detects which other apps were recently opened and which are in the device’s foreground. For instance, if the user has used Facebook on his device, or if Facebook is already open in the foreground, the malware will mimic the Facebook site and overlay a web browser window on top of the official Facebook app. Since the browser is displayed in the foreground, the user thinks the official app launched it, and when the user enters his Facebook login credentials on the malware’s phishing page, the credentials are sent to a remote server. The malware’s mimic features a black bar instead of the blue bar of the original Facebook app. The attacker can then use the credentials to access all data stored on the user’s Facebook account and can also access other websites where the user has logged in via her/his Facebook account. Organisations like Google regularly check for such malware and remove it.

Even though these 25 apps have been removed, many other apps are still functioning and continue to steal user information. A deeper investigation is required to stop information from changing hands so easily.