Published to Google Play by the same developer, the two applications, ‘File Recovery and Data Recovery’ and ‘File Manager’, were seen launching without user interaction and silently exfiltrating a trove of sensitive user information.
According to Pradeo, the two spyware apps would send out users’ contact list, media content, real-time location, network provider, country code, network code, operating system information, and device brand and model.