We now cannot live without apps, and most of us install a lot of apps on your handset. While apps do bring us a lot of fun, we should also pay extra attention to those spywares which disguise them as normal apps, while doing all kinds of sneaky things in the background.
Last week, one of my friend decided to clean his Android phone, so he downloaded a cleaner app from the internet(yes he could access Google Play). While he did install the app successfully, the app disappeared and did no cleaning thing as it should on his phone.
He gave me his cell phone and asked me to take a look. I was quite interested and tried to find out what the app really wanted to do. Here are what I found.
As you can see from above chart, the app registered a few receiver events, autostart itself when the handset boots, or a network state change occurs etc..
At the same time, it starts a service in the background so that it can run all the time even if you push it to the background.
The app also hides its icon and that is why my friend can’t find it anymore.
But, the more important part is what the app does in the background? The below chart shows that it connects to the internet and send a lot of data to its server. The data includes your handset model, CPU and software version, IMEI number, SIM card, the list goes on.
But, again that’s not all. It also download instructions from the remote server and download ads, apps and plugins.
If you have anti-virus apps installed, the app also download two .jar files to stop them and reboot your handset.
So, what should we do? The answer is quite simple, try your best to download apps from Google Play or other legit platform, never ever install apps from unknown sources.