Every day over 100 million selfie images have been posted in social media platforms. Almost every smartphone user at least once has downloaded such apps from market places. But some of these apps can violate your privacy and steal data from the phones without your consent.
Earlier, famous selfie app BeautyPlus, which has more than 100,000,000 installs was accused of collecting user's data and selling them to others. There was another app developer Lyrebird Studio, which has many selfies, makeup, and photo editing apps was found to be showcasing pornographic ads to users that led to a phishing webpage that collected their personal information.
But recently security researchers found another set of the popular app, available in Play Store which can access the phone details without the permission of the user. Android users are advised to avoid these apps to secure their smartphone data.
New malicious Play Store app
The researchers at CyberNews found an app named Beauty Camera by Phila AppStore, in the Play Store that can access the camera without any permission. It should be noted that there isn't any camera-related permission listed in the App permission settings, which us against the policies set by Google.
When a user first installs the app, which has over 500,000 installs and opens it, a five-second welcome ad appears on the screen and then these ads display every now and then.
Beauty Camera threat
The researchers tried to send an email to the developer regarding the malicious activity of the app but while sending they noticed that the email ID which they had listed has no longer in use. Later, the researchers contacted Google and alerted the tech giant about the malicious app.
There is another app named as Beauty Camera – Selfie Camera with Photo Editor which has more than 1,000,000 installs was published by a developer named Coocent. It should be mentioned that this is the same developer who once caught with an app containing malware.
Other malicious apps
The CyberNews researchers also found three developers who could be linked as they offer somewhat similar malicious apps. These names are Coocent, KX Camera Team and Dreams Room. The experts noticed that privacy.txt file of all three developers is hosted on the same domain. Which suggests that these developers are linked and may be owned by the same company based in China.
Two developers also have apps named Selfie Camera – Beauty Camera & Photo Editor with over 10,000,000 installs and Beauty Camera – Selfie Camera & AR Stickers has been installed 1,000,000 times.
The security researchers analyzed 30 apps and most of the apps either had annoying ads or requested unnecessary permissions. Some of these apps were alleged to be linked with malware. There were some apps which are found to be linked with malware.