Your one-stop web resource providing safety and security information to manufacturers

There is an app on Google Play that can secretly steal photos and videos.

The app, named HTML Source Code Viewer and created by Sunuba Gaming, requests permissions to access the device’s external storage, said researchers at Symantec.

RELATED STORIES
Android RAT Builder Released
Linux Kernel Defenses added to Nougat
Android FDE Vulnerability Patched
Google makes 108 Fixes for Android

Before it ended up flagged as malicious and removed by Google from the app store, at least 1,000 and possibly up to 5,000 users downloaded it.

It targets all versions of Android after and including Gingerbread.

Cyber Security

The researchers discovered that the app “posts files stored on the device in /DCIM/Camera/ and /DCIM/100LGDSC” (standard photo and video storage locations) to a web server hosted on proqnoz.info.”

“A look on this server revealed a wealth of personal media files dating as far back as March, 2015,” researchers said in a blog post. The collected media files could, at one point in the future, end up used “for blackmailing, ransomware attacks, identity theft, pornography, and other forms of victimization.”

Pin It on Pinterest

Share This