this post was submitted on 10 Jul 2023

99 points (96.3% liked)

Android

17238 readers

203 users here now

The new home of /r/Android on Lemmy and the Fediverse!

Android news, reviews, tips, and discussions about rooting, tutorials, and apps.

💡Content Philosophy:

Content which benefits the community (news, rumours, and discussions) is generally allowed and is valued over content which benefits only the individual (technical questions, help buying/selling, rants, self-promotion, etc.) which will be removed if it's in violation of the rules.

Support, technical, or app related questions belong in: [email protected]

For fresh communities, lemmy apps, and instance updates: [email protected]

💬Matrix Chat

💬Telegram channels / chats

📰Our communities below

Rules

Stay on topic: All posts should be related to the Android OS or ecosystem.
No support questions, recommendation requests, rants, or bug reports: Posts must benefit the community rather than the individual. Please post to [email protected].
Describe images/videos, no memes: Please include a text description when sharing images or videos. Post memes to [email protected].
No self-promotion spam: Active community members can post their apps if they answer any questions in the comments. Please do not post links to your own website, YouTube, blog content, or communities.
No reposts or rehosted content: Share only the original source of an article, unless it's not available in English or requires logging in (like Twitter). Avoid reposting the same topic from other sources.
No editorializing titles: You can add the author or website's name if helpful, but keep article titles unchanged.
No piracy or unverified APKs: Do not share links or direct people to pirated content or unverified APKs, which may contain malicious code.
No unauthorized polls, bots, or giveaways: Do not create polls, use bots, or organize giveaways without first contacting mods for approval.
No offensive or low-effort content: Don't post offensive or unhelpful content. Keep it civil and friendly!
No affiliate links: Posting affiliate links is not allowed.

Quick Links

Our Communities

Lemmy App List

See thread

Chat and More

founded 1 year ago

MODERATORS

[email protected]

Two spyware sending data of more than 1.5M users to China were found in Google Play Store (securityaffairs.com)

submitted 1 year ago by [email protected] to c/[email protected]

18 comments fedilink hide all child comments

top 13 comments

sorted by: hot top controversial new old

[–] [email protected] 18 points 1 year ago

To save everyone’s time:

The first app named “File Recovery and Data Recovery” (com.spot.music.filedate) has over 1 million installs, and the second one named “File Manager” (com.file.box.master.gkd) has over 500,000 installs.

[–] [email protected] 12 points 1 year ago (3 children)

Why is it always file manager apps?

[–] [email protected] 29 points 1 year ago (1 children)

Because a file manager app asking for Full Disk Access is not suspicious, and Full Disk Access is one hell of a good way to get access to data to exfiltrate. There likely wouldn't even be suspicion if it also asked for Internet access: if it supports connecting to network shares, you wouldn't think twice about it having that permission.

[–] [email protected] 6 points 1 year ago (1 children)

Simple File Manager Pro is FOSS. Just use this if you have to get a third party file manager.

https://f-droid.org/packages/com.simplemobiletools.filemanager.pro/

[–] [email protected] 3 points 1 year ago

Also Material Files or Amaze are good and well-known ones.

[–] [email protected] 4 points 1 year ago

I assume that one factor is that they necessarily have to have access to your files.

[–] [email protected] 2 points 1 year ago* (last edited 1 year ago) (1 children)

It's always apps that you definitely don't need in the first place. File managers, battery savers, RAM managers, etc. The users who would think to install those kinds of apps, when their phone already likely already has built-in (and probably better) support for that functionality, are the same users malware developers look to target. They're usually not tech savvy, and less likely to realize that their data's been compromised, and even less likely to determine who compromised it.

[–] [email protected] 4 points 1 year ago* (last edited 1 year ago)

I have paid for Xplore because built in file managers ALWAYS absolutely lacking in usability, features and are generally much worse products, or are filled with garbage (or even worse, in the case of MIUI its a privacy nightmare). Xplore is the only file manager that has made me not use a ES File Explorer apk made for Android 4 from 2014 that I still used into the start of this year 2023 (from before the Cheetah Mobile acquisition, that turned the app updates into malware). This ancient version of ES File Explorer STILL works almost perfectly in Android 12.

[–] [email protected] 5 points 1 year ago (1 children)

If I have "File Manager +" does that mean I'm extra spied on??

[–] [email protected] 2 points 1 year ago (1 children)

File Manager + Spyware

[–] [email protected] 3 points 1 year ago (1 children)

No no no it's just China doing you a solid and backing up your sensitive information just in case you lose your phone. It uses Blockchain technology where if you ever need it back they just block you.

[–] [email protected] 2 points 1 year ago

My experience with Aliexpress

[–] [email protected] 4 points 1 year ago* (last edited 1 year ago)

use MiXplorer or ZArchiver, they are good.
MiXplorer (and it's addons): Google Drive / Beta (mixplorer.com/beta) (or, if you want to support the developer; Google Play Store (includes addons))
ZArchiver: Google Play Store

edit: corrected the layout.

load more comments