A weather forecast app which is pre-installed on Alcatel smartphones is loaded with the malware that secretly sending personal data to a server in China.
According to the findings of an investigation done by Upstream's Secure-D, the app was found collecting geographic locations, email addresses, IMEI codes, and sending all the user data to China. The app has a number of privacy-invasive permissions on the device.
The app has been developed by TCL, the Alcatel brand licensee, and is also available on the Google Play store. Till now it has been downloaded more than 10million times and has managed to have a decent user rating 4.4.
"As soon as the device was placed in the “sandbox”, the application also started – in the background (i.e. not visible to the user) – accessing web pages with digital ads. A specific url (https://traffic.tc-clicks.
The malware mostly affected users in Brazil, Kuwait, and some countries in Africa.
"We recorded 50MB to 250MB of data per day being consumed by the application's unwanted activity," researchers said. Incurring financial losses to victims.
Meanwhile, Google has removed the app from the Play Store after the Wall Street Journal and Upstream notified TCL and Google officials.
"The suspicious activity stopped after the WSJ contacted TCL," an Upstream spokesperson told ZDNet, "although the data collection continued."
