An app by the name of HTML Source Code Viewer was removed by Google for secretly stealing user photos and videos. The app was developed by a company named Sunuba Gaming. When it was removed, HTML Source Code Viewer had up to 1000-5000 installs.
How Did HTML Source Code Viewer Steal Data?
HTML Source Code Viewer was a simple application for displaying the HTML code of an imputed URL. Nothing suspicious in and of itself, but the app copied and posted the content of the “/DCIM/Camera” and “/DCIM/100LGDSC/” Android folders, the usual directory for video/photo content on most devices. The files were reportedly posted on proqnoz.info, a site which is currently down. It’s possible that the domain was hacked, as it displays a humorous message, as you can see bellow.
At first glance, this can be funny. The problem is that the data gathered by the Sunuba Gaming crooks could be in the hands of a third party that’s still unidentified.
The removal from Google Play was reported by Symantec. They claim they’ve managed to access the app’s server folder. The server has stolen files that date back to March 2015. They’ve posted this photo:
HTML Source Code Viewer could steal data from all versions of Android released after and including Gingerbread. The app asked the following permissions:
- Access to opening network connection
- Access to information about networks
- Access to read the external storage
- Access to write to external storage
The Dangers of Malicious Data Collection
Dubious information gathering similar to the HTML Source Code Viewer case isn’t anything new. The most common and persistent way of stealing user data is the Browser Hijacker, but even that method pales in comparison to the app developed by Sunuba Gaming. Personal photos and videos are very sensitive. This data can be utilized for a variety of malicious activities, including hacking and ransomware targeting. Another danger is blackmailing. If someone has extra sensitive pictures and videos, like a nude photo, they could be used for blackmailing or cyber-bullying. Whoever you cut it, the HTML Source Code Viewer app was a violation of user privacy of the worst kind. If you have the malicious app on your computer, make sure to delete it as soon as possible. You should also take care to improve your Android security and to avoid installing malicious apps on your device. The Google Play store is filled with all kinds of unsecure content, and there’s much to be desired from the platform when it comes to cyber security.
