While many people love to use video editing apps, little do they realize that not all of these apps are user-friendly. For instance, VivaVideo. Researchers have found that VivaVideo, together with other apps from the same developers, actually spy on users. They seek dangerous permissions and access data unnecessarily.
Developers Behind VivaVideo App Spy On Users
Researchers from VPNPro have shared a detailed blog post regarding their findings on some spyware apps. Specifically, they found that the developers behind VivaVideo and other related apps are spying on users. They came to these findings owing to numerous dubious factors.
Reportedly, team VPNPro noticed that the app VivaVideo, while justifiably asking for permission to read/write files to external drives, also asked permission to the users’ GPS location – something not really needed for a video editing app.
Presently, this app has over 100 million installations on Google Play Store.
Another suspicious thing about this app is its developers. On Play Store, the app shows QuVideo Inc. as its developers, who own two other apps as well. These include the VivaVideo PRO Video Editor app, and Slideshow Maker – SlidePlus.
However, on Apple’s App Store, the same developers, QuVideo Inc. have two more apps: Tempo – Music Video Maker app, and VivaCut – Pro Video Editor. These two apps are also available on Play Store but under separate developers. This shows the developers have deliberately tried to hide their identity with these two apps on Play Store.
Moreover, while all three QuVideo Inc. apps boast email addresses with the same domains (vivavideo.tv) and address. However, the other two apps, Tempo and VivaCut, have different and simple Gmail email addresses under the developers’ details. Plus, the physical addresses are also different, VivaCut having the vaguest one.
Nonetheless, all these apps also ask unnecessary permissions such as access to the precise location, running app history, change network connectivity, phone status and identity, and other details.
Relation With Other Suspicious Apps
While digging out the details about WivaVideo and its developers, researchers could also find links between QuVideo Inc. and the popular app VidStatus. This app also asks 9 dangerous permissions including access to contacts, GPS, and call log. Plus, Microsoft has also detected this app as a trojan AndroidOS/AndroRat.
Besides, VPNPro could also find at least three suspicious links between the popular Indian app ShareChat and QuVideo. These include the same API key within the APK, similar URL structures, and similar homepages.
Considering all these suspicious behaviors, researchers advise users to stop using these apps and delete them. Otherwise, these apps pose a threat to users’ privacy and data security.
Let us know your thoughts in the comments.
Latest posts by Abeerah Hashim (see all)
- Researcher Hacked Tesla Model X Demonstrating Keyless Entry System Vulnerability - November 25, 2020
- GitHub Patched A Vulnerability Months After Google’s Report - November 25, 2020
- Bug in Twitter Fleets Where Posts Remain Visible - November 24, 2020