Google Play app "Peel Smart Remote" leaks users' pictures

Posted by The Pradeo Lab on April 09, 2019

The Peel Smart Remote app is a widely used Google Play application (100M+ installs) that has often made the news because of its highly intrusive behaviors, such as full screen overlays and untimely advertising, causing poor user experience.

Last week, the Pradeo Security engine alerted its users about severe security issues discovered in the app’s 10.7.3.3 version. It has been found that the application collects and leaks users’ pictures to a server that does not belong to the app publisher. Last Friday, the application was updated on the Google Play store (now version 10.7.4.2), the leaky behavior has been removed from the code but yet no communication was made by the company on this matter. Because applications’ update is not automatic on all Android devices, millions of users running the former version of the app are still currently exposed.

 

 

Read More

Pradeo's biannual mobile security report: The current mobile threat landscape

Posted by Roxane Suau on March 05, 2019

In the corporate sector, smartphones, tablets and mobile applications are trusted with confidential information and granted access to companies’ information systems.

 

 

Read More

What is a Man-In-The-Middle Attack

Posted by Roxane Suau on December 18, 2018

Smartphones and tablets have become the first point of access to the internet. This evolution has led to the creation of many Wi-Fi networks so people can connect from almost anywhere, but it opens a new playground for hackers. The growing amount of public networks and users who get connected to them has increased Man-In-The-Middle attack opportunities.

Read More

Are These Malicious Google Play Applications Still On Your Smartphone?

Posted by Roxane Suau on November 29, 2018

When Google and Apple remove malicious applications from their stores, people who have them on their smartphone are not notified of their dangerous behaviors. Therefore, millions of users keep malwares on their devices and expose all the data they manipulate to proven threats.

 

Read More

Official Sonic Apps Leak Data to Unverified Servers

Posted by Roxane Suau on January 18, 2018

Pradeo’s Lab discovered that some game applications in the Google Play published by SEGA, the famous video games developer and publisher, access and leak users’ geolocation and device data. Hundreds of millions of users are concerned by these data privacy violations.

Read More