anGadgets : #1 Product, Gadget & High-tech Discovery Platform
1590866152 New spyware in a popular video application has affected more
Home » New ‘spyware’ in a popular video application has affected more than 50 million users, according to a report

New ‘spyware’ in a popular video application has affected more than 50 million users, according to a report

QuVideo, developer of applications such as Vivavideo (a popular video editing application on both iOS and Android) contains a Trojan known as AndroidOS/AndroRatThe company is capable of stealing data related to bank accounts, crypto-currencies and PayPal according to a report by VPNpro. Similarly, Virustotal corroborates this information by tagging the Trojan.

QuVideo has more than 50 million installationsIn the case of Android, it asks for quite a few permissions unrelated to its video editor functions, such as GPS permissions, reading contacts, phone status, user call logging and even read/write permissions on the system.

QuVideo and Vivavideo in the spotlight

Image 2020 05 29 11 09 01 QuVideo has already been removed from Android, but Vivavideo still stands, so we can see all the permissions that are requested.

VPNpro has reported on a Trojan found in the QuVideo for Android application. This application managed to surpass 50 million downloads and the problem has been located through Virustotal. Apart from the Trojan, QuVideo has highlighted the abusive permissions available to the application (the same as Vivavideo), such as GPS, calling, reading and writing and so on. The application has already been removed from the Play Store, but not from the App Store.

Although the application is also present in iOS, Apple’s permission system is more restrictiveThe application has therefore not been detected as a potential threat. From VPNpro they put more context about QuVideo and Vivavideo applications, highlighting that already in 2017 QuVideo was detected as Spyware.

Although QuVideo has been removed, Vivavideo is still in Play Store and applications with practically identical code as well, although not signed by the same developer

In the face of these detections, VPNpro indicates that three other dangerous applications have been releasedVidStatus, Vivacut and Tempo in Play Store, with the same API key inside and identical URL structures to those of QuVideo. However, these applications have been published under different developer accounts, so it cannot be claimed that they belong to the developer of Vivavideo.

Among these apps over 150 million downloadsalthough only QuVideo has been identified with a Trojan horse. However, VPNpro warns about the use of these applications that ask for such a number of permissions being only video editors.

Via : VPNpro

Add comment