Secret Network of 27 Dodgy Android App Developers Unveiled

Researchers have caught a network of developers behind over a hundred Android apps on the Play Store. The apps boasting over 69 million active installations exhibited suspicious behavior and sought dangerous permissions.

Android Apps With Strange Behavior

CyberNews unveiled a network of developers behind a large number of Android apps on Google Play Store. Sharing their findings in a blog post, researchers revealed that they found 101 different Android applications exhibiting similar behavior. Though, they seemed unrelated to each other. Yet, the apps with over 69 million installations had numerous similarities which hint towards their connection.

Briefly, all the apps sought dangerous permissions not needed for their functionality. For instance, a call recording app seeking permission to take pictures and record videos. Or, a calculator app seeking access to camera and phone state. Likewise, they noticed phone cooling apps demanding access to phone status, location, and edit files. Such contrasting behavior hints towards the potential risk to users’ privacy and security.

Explaining this behavior, the researchers mentioned two possible scenarios, where the latter sounds more accurate considering the shady behavior of the apps.

Optimistically, they just want to make as much money from you as possible.
Pessimistically, these apps could be stealing your data or enabling malicious content to enter your device.

Many of the apps had the same Privacy Policy, the same incomplete Firebase website listed as the app’s site, and duplicate APKs. Moreover, almost all of them unapologetically copied popular apps’ UI with only minor changes.

Developers Network Unveiled Behind All Apps

Apart from the similarities in apps’ behavior, researchers also noticed a similar naming pattern of the app developers. Specifically, they observed that the developers had two-part Western names (with two exceptions). Thus, they dubbed the developers’ network as 2NAD (two-name app developer network).

CyberNews identified the following 27 developers in this 2NAD network.

  • Virgilo Malley
  • Daniel Malley
  • Alex Joe
  • Hudson Parker
  • Wilfred Wessner
  • Adaline Garraway
  • Armel Bilton
  • Noble Gracious
  • Arrow Frankie
  • Lukas Podolskies
  • Rusty Mari
  • Weldon Hazeltine
  • Jacinto Macias
  • Flavia Sleeman
  • Douglas Morace
  • Dulcie Lawing
  • Kylian Mbapee
  • ProCam – HD Camera
  • Evan Well
  • Samuels Dynamo
  • Fruit VPN – Better Connect
  • Carrie Waters
  • Antoine Kenyon
  • Darry Cowlly
  • Gaspard Aden
  • Alfred Persen
  • Hwan Seon

Researchers have advised users to get rid of any apps from these developers to avoid mishaps.

Because these apps are already participating in risky behaviors that potentially violate Google’s Android policies, it’s best that users delete these apps immediately to mitigate all risks.

Earlier this year, the same researchers also highlighted numerous Android camera apps spying on users and stealing data.

Let us know your thoughts in the comments.

Related posts

NachoVPN Attack Risks Corporate VPN Clients

Sweet Security Introduces Evolutionary Leap in Cloud Detection and Response, Releasing First Unified Detection & Response Platform

Anti-Spam WordPress Plugin Vulnerabilities Risked 200K+ Websites