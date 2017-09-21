A free mobile anti-virus app developed by the DU group, a developer of Android apps, has been found to collect user data without the device owners' consent.

According to Check Point mobile threat researchers reporting in an 18 September blog, “...when the app runs for the first time, the DU Antivirus Security app collects information from the device, such as unique identifiers, contact list, call logs, and potentially the location of the device. This information is then encrypted and sent to a remote server. The customer information is later used by another app offered by the DU group, called “Caller ID & Call Block – DU Caller,” which provides users with information about incoming phone calls.

The app, DU Antivirus Security, is distributed over Google Play, Google's official app store, and had been downloaded between 10 and 50 million times, according to Google Play data.

The researchers point out that users would have trusted DU Antivirus Security to protect private information, when in fact it did the exact opposite. “It collected the personal information of its users without permission and used that private information for commercial purposes. Information about your personal calls, who you're speaking with and for how long, was logged and later used.

Check Point says it reported the illegal use of the users' private information to Google on 21 August, 2017, and the app was removed from Google Play on 24August, 2017. A new version that doesn't include the harmful code was uploaded to the Play store on August 28, 2017. Version number 3.1.5 of DU Antivirus Security is the latest version number found to include this privacy-leaking code, but older versions might still include it.

Check Point researchers detected the same code in 30 other apps with the code affecting between 24 and 89 million users; 12 of the other apps were on Google Play and subsequently removed.

