Popular "GoKeyboard" App Spying on Millions of Android Users
For Android smartphone users, online life is ever on the border every bit every other 24-hour interval at that topographic point is a novel agency amongst which cybercriminals excogitation to croak on a tab on their devices together with invade privacy. It is the dominion of the pollex that an Android user must never trust the device for storing confidential information every bit fifty-fifty the most harmless looking apps tin perform unnoticeable surveillance. Blame it on the agency app developers together with OEMs blueprint their products together with services.
AdGuard safety researchers receive got identified that Go Keyboard, an app developed yesteryear Chinese GOMO developer team, cannot endure trusted because it conducts spying together with therefore, Android smartphone owners must non download or install this app.
According to researchers, at that topographic point are ii variants of Go Keyboard available on Google namely “GO Keyboard – Emoji keyboard, Swipe input, GIFs” together with “GO Keyboard – Emoticon keyboard, Free Theme, GIF.“ Both versions shipping out individual information to remote servers together with execute unauthorized code on the android device. Each of the versions has most 100k to 500k downloads then far, together with on Play Store these apps are rated at 4.5 together with 4.4 stars.
Go Keyboard’s app information
Researchers from AdGuard became alerted most suspicious spying acts of keyboard apps later Touchpal keyboard app was identified to display ads on HTC devices before inwards 2017. It was suspected that GOMO developer squad was trying to collect individual together with confidential information such every bit the electronic mail address used to connect amongst Google Play Store, Android version, covert size, network type together with phone’s make/model number.
“We volition never collect your information including credit carte du jour information. In fact, nosotros attention for privacy of what you lot type together with who you lot type!”
The app does the exact contrary of what it promises or claims. It starts sharing personal information correct later its installation on the device together with communicates amongst dozens of tracking servers apart from collecting sensitive, confidential information.
Some of the permissions nosotros noticed are: “retrieve running apps, read sensitive log data, detect accounts on the device, read your contacts, read telephone telephone log, tape audio, display unauthorized windows, read damage you lot added to the lexicon together with add together words to user-defined lexicon etc.”
AdGuard has informed Google regarding its findings, together with the companionship is all the same to unloosen an official disceptation most the issue. However, iii days ago, inwards their comment section, AdGuard’s Andrey Meshkov wrote that Google never replied to their report.