We all know very well that Getting an antivirus is usually a sign that we need a tool to keep our system clean or to protect it from potential threats. However, have you ever wonder, that the antivirus itself can be a security threat.
Beware! This Mobile Antivirus App Caught Siphoning User Data
Getting an antivirus is usually a sign that we need a tool to keep our system clean or to protect it from potential threats. However, have you ever wonder, that the antivirus itself can be a security threat.
Check Point’s mobile threat team recently unveiled a free Android antivirus that simply collects user data without their consent. If you have it, just uninstall it right now.
The application, called DU Antivirus Security, was available on Google Play, the official Google store, and was downloaded millions of times.
According to Check Point’s research, when the application is run for the first time, it simply compiles device information – credentials, contact lists, call logs, and location – encrypts it and sends it to a remote server.
Subsequently, another application offered by the DU group, known as “Caller ID & Call Block – DU Caller”, which provides users with information about incoming calls, make use of this data.
Check Point informed the tech giant Google about these illegal DU practices on August 21st and the application was deleted from the Google Play store on the 24th. Version 3.1.5 of DU Antivirus Security is the latest to include malicious code, but versions can still contain it. A new antivirus update that does not include the malicious code was released on August 28.
Check Point researchers also detected the same code in 30 other applications, 12 of which were on Google Play, but the tech giant Google eliminated them in the meantime. In total, the malware affected between 24 and 89 million users, according to data from the tech giant Google.
Users who have installed DU Antivirus Security or any of the other applications should urgently verify that they have the latest version that no longer includes the malicious code or simply remove the application.
So, what do you think about this? Simply share your views and thoughts in the comment section below.