Your Beauty Camera Apps Might Be Stealing Your Data and Infecting Your Phone With Malware

Hinshal Sharma
By Hinshal Sharma
5 Min Read

Nearly all smartphones available in the market today have a front-facing selfie camera, allowing almost every person owning a smartphone to capture selfies. It is believed that around 100 million selfies are posted every day on the internet! Selfie and makeup apps were greatly benefited and nearly blew up, as millions of people started using them! You might also be having a selfie app on your phone that you installed from the app store, but what if we tell you that not only does the app edit and beautify your selfies, but it might also be collecting your personal data and infecting your phone with malware!

One of the most famous selfie app BeautyPlus – Easy Photo Editor & Selfie Camera, which has over 100,000,000+ installs was accused of collecting user data and then selling it to others. The Indian government also reported this app as malware back in 2017. Another app developer Lyrebird Studio, having many selfie, makeup, and photo editing apps was reportedly showing pornographic ads to users which led to a phishing webpage that collected their personal information.

Recently, CyberNews did research on the top selfie apps available on the play store, and found some shocking results! There is an app on the Play Store named Beauty Camera by Phila AppStore, which uses the camera without even asking for its permission! There isn’t any camera-related permission even listed in its App permissions settings, which is against Google’s policies. To make things worse, an annoying 5-second ad welcomes you when you open the app, and then they’ll be displayed every now and then. Surprisingly, this app has over 500,000+ installs!

App Permission Settings of Beauty Camera

CyberNews tried to mail the developer regarding this, but the email ID they listed was no longer in work. They did contact Google later and are waiting for their response.

- Advertisement -

Many of the camera apps tested request some unnecessary permissions. For example, an app requested permission to read all saved contacts, while many apps requested the exact location (using cellular and Wifi network). We recommend you to be careful and only provide the permissions that the apps need to work.

An app named Beauty Camera – Selfie Camera with Photo Editor with over 1,000,000+ installs, is published by a developer named Coocent. The developer was previously caught with an app containing malware. The app was listed amongst the IDs of apps containing malware, released by a Spanish website Blogthinkbig.

Apps allegedly containing malware

CyberNews further found 3 developers named Coocent, KX Camera Team and Dreams Room could be linked as they offer somewhat similar apps. This wasn’t the only similarity between them. The privacy.txt file of all 3 developers is hosted on the same domain.

privacy.txt files of all 3 developers are hosted on the same domain name. (Via CyberNews)

 

- Advertisement -

So it is almost obvious that these developers are linked and may be owned by a same company based in China. The other 2 developers also have selfie apps named Selfie Camera – Beauty Camera & Photo Editor and Beauty Camera – Selfie Camera & AR Stickers, with former having over 10,000,000+ installs, and the latter has been installed 1,000,000+ times.

From the list of  30 apps that were analyzed, most of the apps either had annoying ads, requested unnecessary permissions, or were alleged to be linked with malware. If you care about your privacy, you should not install any app from the Play Store unless it comes from a trusted developer.

Source

Share This Article
Leave a comment

Nearly all smartphones available in the market today have a front-facing selfie camera, allowing almost every person owning a smartphone to capture selfies. It is believed that around 100 million selfies are posted every day on the internet! Selfie and makeup apps were greatly benefited and nearly blew up, as millions of people started using them! You might also be having a selfie app on your phone that you installed from the app store, but what if we tell you that not only does the app edit and beautify your selfies, but it might also be collecting your personal data and infecting your phone with malware!

One of the most famous selfie app BeautyPlus – Easy Photo Editor & Selfie Camera, which has over 100,000,000+ installs was accused of collecting user data and then selling it to others. The Indian government also reported this app as malware back in 2017. Another app developer Lyrebird Studio, having many selfie, makeup, and photo editing apps was reportedly showing pornographic ads to users which led to a phishing webpage that collected their personal information.

Recently, CyberNews did research on the top selfie apps available on the play store, and found some shocking results! There is an app on the Play Store named Beauty Camera by Phila AppStore, which uses the camera without even asking for its permission! There isn’t any camera-related permission even listed in its App permissions settings, which is against Google’s policies. To make things worse, an annoying 5-second ad welcomes you when you open the app, and then they’ll be displayed every now and then. Surprisingly, this app has over 500,000+ installs!

App Permission Settings of Beauty Camera

CyberNews tried to mail the developer regarding this, but the email ID they listed was no longer in work. They did contact Google later and are waiting for their response.

- Advertisement -

Many of the camera apps tested request some unnecessary permissions. For example, an app requested permission to read all saved contacts, while many apps requested the exact location (using cellular and Wifi network). We recommend you to be careful and only provide the permissions that the apps need to work.

An app named Beauty Camera – Selfie Camera with Photo Editor with over 1,000,000+ installs, is published by a developer named Coocent. The developer was previously caught with an app containing malware. The app was listed amongst the IDs of apps containing malware, released by a Spanish website Blogthinkbig.

Apps allegedly containing malware

CyberNews further found 3 developers named Coocent, KX Camera Team and Dreams Room could be linked as they offer somewhat similar apps. This wasn’t the only similarity between them. The privacy.txt file of all 3 developers is hosted on the same domain.

privacy.txt files of all 3 developers are hosted on the same domain name. (Via CyberNews)

 

- Advertisement -

So it is almost obvious that these developers are linked and may be owned by a same company based in China. The other 2 developers also have selfie apps named Selfie Camera – Beauty Camera & Photo Editor and Beauty Camera – Selfie Camera & AR Stickers, with former having over 10,000,000+ installs, and the latter has been installed 1,000,000+ times.

From the list of  30 apps that were analyzed, most of the apps either had annoying ads, requested unnecessary permissions, or were alleged to be linked with malware. If you care about your privacy, you should not install any app from the Play Store unless it comes from a trusted developer.

Source

Share This Article
Leave a comment