Almost every couple of weeks there is a report or two about rogue and dangerous Android apps. These reports come from companies expert in cyber security, or companies making security apps. The latest report from Dr Web is similar. The report talks of 33 apps that Dr web deems dangerous and wants people to avoid. But what is surprising about these apps is just how popular they are, with many of the apps listed by Dr Web as a security and privacy risk having millions of installs.
The biggest in the list of 33 infected apps is Ixigo Trains that has over 50 million installs, and which is quite popular in India. Then there are many apps related to studies, GPS, navigation and location, prayer times and directions for Muslims and even a Gurbani app.
But why are these apps have been termed dangerous by Dr Web, a company that makes security apps? In a report on its website, Dr Web notes that these 33 apps are dangerous because they are “infected” with Android.Click.312.origin.
The company writes, “Android.Click.312.origin is a trojan module that can be embedded in Android applications by developers. It was first found in software distributed on Google Play. So as not to raise suspicion, the module starts working only 8 hours after launching in programs containing it. We also know modifications of this trojan, such as Android.Click.313.origin. After startup, Android.Click.312.origin connects to the command and control server… and sends it a POST request with the following information about the mobile device.”
What is this information that is sent by Android.Click.312.origin about a user’s phone.
— Manufacturer and model
— Operating system version
— User’s country of residence and the default system language
— User-Agent identifier
— Mobile carrier
— Internet connection type
— Display parameters (screen details)
— Time zone
— Data on the application containing trojan.
Dr Web notes that the trojan also monitors what apps a user is installing and then send details of that to its command server.
What this means in simple words is that the Android.Click.312.origin allows app makers to keep an eye on the app users by collecting important (and likely personal) data. But this is where things also get interesting.
Google has deleted a number of the apps that have been named by Dr Web in its list, but at the same a number of apps, including the most popular ones like the Ixigo Trains, continue to be available in the Android Play store.
So, over here at the India Today Tech, our impression is that the Android.Click.312.origin is not downright dangerous. Instead, it is a virus-like module that is often used by developers to track their users. This tracking can be benign, or it can be dangerous. However, this is also the sort of tracking that is widely prevalent in the world of Android and almost all apps, including apps by big tech companies do this sort of tracking. This is the reason why if you really care for security and privacy, it makes more sense for you to use an iPhone instead of an Android phone. That is relative — but not fully — better for privacy and security.
Having said that, if you are wondering what are these apps that Dr Web has highlighted because their code has a trojan, here is the list. Check and see if you need to be careful of these apps. Also, check whether Google has deleted these apps or not. If Google has, you should also delete them from your phone.
List of apps with Android.Click.312.origin (according to Dr Web)
— Ixigo Train
— GPS Fix
— Social Studies (a Russian app)
— 1300 Math Formulas Mega Pack
— Sikh World – Nitnem & Live Gurbani Radio
— OK Google Voice Commands (Guide)
— Ramadan Times: Azan, Prayer Times & Qibla
— Prayer Times: Azan, Quran, Qibla Compass
— Al Quran Mp3 – 50 Reciters & Translation Audio
— Full Quran MP3 – 50+ Audio Translation & Languages
— Qibla Compass – Prayer Times, Quran, Kalma, Azan
— Muslim Prayer Times & Qibla Compass
— GPS Route Finder
— Who deleted me?
— Who unfriended me?
— Notepad – Text Editor PRO
— Notepad – Text Editor PRO (different APK)
— Power VPN Free VPN for Android
— Video to MP3 Converter, RINGTONE Maker, MP3 Cutter
— Remove Unwanted Object
— GPS Speedometer PRO
— GPS Speedometer
— PDF Viewer
— Route Finder
— Pedometer Step Counter
— EMI Calculator – Loan & Finance Planner
— English Urdu Dictionary
— Cricket Mazza Live Line
— ai.type keyboard Plus + Emoji
— QR Code Reader
— QR & Barcode Scanner