Android users are being warned that over 1,000 Google Play Store apps have been found to be hiding a nasty secret.
Android is one of the world’s most used pieces of software, with over two billion devices running the Google mobile OS each month.
But Android users are no strangers to security alerts, with some recent widespread threats being circulated via apps found on the Goole Play Store.
Six Android apps that were downloaded a staggering 90million times from the Google Play Store were found to have been loaded with the PreAMo malware.
While another recent threat saw 50 malware-filled apps on the Google Play Store infect over 30million Android devices.
And now Android users are being warned that over 1,000 apps found on the Google Play Store are hiding a nasty secret.
A new study has found that some 1,325 Android apps from the Google Play Store were harvesting user data that they shouldn’t have.
The research was conducted by the International Computer Science Institute (ICSI) who tested 88,000 apps from the US Play Store.
The study found these Android apps were gathering data from devices even after people explicitly denied them permission.
The details that were gathered from Android users were precise geolocation data and phone identifiers.
Serge Egelman, director of usable security and privacy research at the ICSI, said: “Fundamentally, consumers have very few tools and cues that they can use to reasonably control their privacy and make decisions about it.
“If app developers can just circumvent the system, then asking consumers for permission is relatively meaningless”.
The ICSI study found that the apps that violated permissions used workarounds in code to take data from sources like Wi-Fi connections and photo metadata.
Apps the study pinpointed included Baidu’s Hong Kong Disneyland park apps, Samsung’s Health and Browser apps as well as Shutterfly.
Egelman said researchers notified Google about these issues last September as well as the US’s Federal Trade Commission.
The search engine giant said the issues would be addressed in the major Android Q update, which is coming later this year.
Android Q will address this by hiding location information in photos from apps.
It will also require apps that access Wi-Fi have a permission for location data, according to a post by Cnet.
The news comes after another piece of research discovered that thousands of copycat apps filled with malware were located on the Google Play Store.
The study was conducted by the University of Sydney and CSIRO’s Data61, and spotted a huge amount of dangerous apps hiding in plain sight.
The research used a neural network to review 1.2million apps.
Writing for Forbes, Zak Doffman – the founder and CEO of Digital Barriers – advised Android users on how to stay safe from fake Android app threats.
Doffman said: “Ultimately, there’s no substitute for common sense and treating apps from unknown sources as potential threats.
“And that means checking carefully, not clicking casually.
“We carry all of the most valuable and private information we have on our smartphones, and we gladly give those devices access to the cloud storage where we store the rest.
“Our phones know where we live and work, and where we bank and spend.
“That’s worth remembering before inviting strangers into our virtual homes and giving them permission to roam around simply because they ask nicely.”
• Stay tuned to Express.co.uk for more Android news