Baidu collects sensitive user data
Baidu collects sensitive user data

In October, Google removed two popular Android apps from the Google Play Store due to collecting sensitive user data.

The two apps in question, Baidu Maps and Baidu Search Box from Chinese tech giant Baidu, capture device identifiers without the user's knowledge in order to make them trackable online.

Network security company Palo Alto Networks made the discovery and reported its results to Baidu and Google.

This prompted Google to remove the "Baidu Maps" and "Baidu" search boxes on October 28 as no violations were reported.

On November 19, Google re-applied the Baidu Terms of Service-Compatible Search Box to the Google Play Store. The Baidu Maps app was only available after the unresolved issue was resolved. This is what Google indicated.

Another app called Homestyler is also found collecting sensitive user data from Android devices.

According to researchers at Palo Alto Networks, the complete list of data collected by these apps includes:

  • Cell phone model.
  • screen resolution
  • Telecom Company.
  • Network (Wi-Fi, 2G, 3G, 4G, 5G).
  • Android ID.
  • IMSI number.
  • IMEI number.
  • MAC address.

Palo Alto Networks uses a machine learning-based algorithm designed to detect abnormal spyware traffic.

The investigation revealed that the leak is related to Baidu PushSDK software development tool and ShareSDK software development tool from Chinese company MobTech. The latter supports around 37,500 apps, including over 40 social media platforms.

While Google takes steps to protect its app store and prevent malicious activity, malicious participants are looking for ways to enter the app market and make money through the platform.

An academic study published earlier this month by researchers at NortonLifeLock found that the Google Store is the main source of malware installed on Android devices (about 67.5%).

This study is based on an analysis of installing apps on 12 million devices between June and September 2019, in part due to the platform's widespread popularity.

Researchers said: Google's defenses target unwanted apps, but there is still a large number of unwanted apps it can bypass, making it the primary carrier platform for distributing unwanted apps.

Previous Post Next Post