Big Star Labs Spyware Infected 11 Million Devices Before Removal from App Stores

cageymaru

A Delaware company called Big Star Labs created multiple spyware applications and 11 million people downloaded them from the Google Play store as Google Chrome extensions and the Apple App Store as an ad-blocker. The apps ranged from mobile health club apps to speed boost utilities. The apps collected data from every website that the user visited via their browser and sent the data back to several different servers. The terms of service said that they would send non-identifiable information, but analyzing the data stream proved otherwise. All of the apps have been removed from the app stores after the story broke, but the damage has already been done.

When you install or use the Poper Blocker Product, we collect from you: the type of device, operating system and browsers you are using; the date and time stamp; the browsing usage, including visited URLs, clickstream data or web address accessed; TabID; the browser identifier; and your Internet Protocol address (trimmed and hashed so that it cannot be used to identify you).

The last part of this clause is not quite true. I am not sure what they mean by this non-identifying "trimming and hashing", but I observed the full-page addresses being transmitted to their server.
 
One used to hear about this crap a couple of times every few years, then once a quarter, now several times a week. This is not a joke; this is all part of someone's plan to collect information on the consumers/peasants, and not one damn was given by anyone. At what point do we start seeing any form of benefit from this? Such as: why do I ever need to go to the DMV and update my license? Just update my microchip implant. Why do I need to go to a tax consultant? You know everything, just send me a bill already.
 

The spyware wasn't in the Apple App Store. They basically tricked people into enrolling their iPhones into MDM and used that to sideload the application since Apple would never approve it for the store.
 
Not knowing the full details of what they were transmitting or if it really was personally identifiable (it likely is, since they all are barely hiding the personally identifiable parts it seems, and they can be descrambled by an inexpensive 3rd party service), the way this is written indicates that cagey, or maybe the article's author, doesn't know the difference between your originating, personally identifiable IP address, and the remote IPs of websites you visit...

"The last part of this clause is not quite true. I am not sure what they mean by this non-identifying 'trimming and hashing', but I observed the full-page addresses being transmitted to their server." - they specifically say the "full page addresses" of sites you visit are transmitted, but your own IP is hashed, in the terms. I'm sure both are able to be gleaned from the data like usual with a little work, but that is no different than anyone else selling personal data with website tracking.
 
Never owned an Apple phone. Thanks for clarifying that. ;)
 
Behavior like this will not stop until people start serving hard time for it. It is too profitable.
 