Infosec researchers at Palo Alto Networks’ Unit 42 threat intelligence unit spotted a pair of prominent Chinese apps leaking personal data, and after it informed Google the ad giant dumped the apps from its Play store.
The researchers named Chinese web giant Baidu’s Search Box and Maps as the offending apps, saying collected devices’ MAC addresses and the unique International Mobile Subscriber Identity (IMSI) that identifies mobile network subscribers.
As the IMSI moves when a user adopts a new phone, the apps therefore “made users trackable, potentially over their lifetime.”
Baidu has over 350 million monthly active users across its extensive range of web services and apps.
Palo Alto noted that collecting MACs and IMSIs is “not a definitive violation of Google’s policy for Android apps”. But the practice is discouraged.
The Unit 42 team ..
Support the originator by clicking the read the rest link below.
