1. FRUIT NINJA by halfbrick studios, total downloads 1,610,291

This app contains a secret code that leaks highly private data to their adverstising partners mobclix (MWR security).This app gains full phone contact list of users who have downloaded the app as well as tracking locations of the user.

FIGURE 2

Figure 1 shows the androidmanifest.xml code downloaded from the playstore and the apk extracted and code studied. The code shows that a mere game app having the permission to send and receive sms without the consent of the user.

Codeif MCC == 250 THEN

if MNC==02 thenactivation failed

else if MNC==01 thensendSMS(“40973”+ scheme) -> 3858

else if MNC==99 thensendSMS(“4481”+scheme) ->4481

end if if MNC==20 then

set dynamic schemeendif elseif MCC==401 then

if MNC==02 || MNC ==01 thenactivation failed

elseif MCC==400 || MCC==255 || MCC ==283|| MCC==259 || MCC==437 ||MCC==289 || MCC ==257 thenSet dynamic schemesendSMS(“40947”+scheme) ->enf

The code shows that the application has build messaging system based on the Mobile Country Code (MCC) and Mobile Network Code (MNC). A look through mcclisit website and in relation to the code the application uses MCC from Russia, Ukraine, Kazakhstan, Armenia, Moldova, Belarus

FIGURE 3

Further research showed that the number 3858 is been operated by a russian company called PM-Invest Ltd. They operate premium numbers where any client can get commission for refferals and this is what is coded in a simple game like fruit ninja

2. BRIGHTEST FLASHLIGHT FREE by goldenshores technologies, total downloads 1,096,222

As advertised the main function of this app is to turn all available lights on your device including camera, keyboard, notification LED. From this point it looks like any normal app that users can download without any fear of any intrusion into personal details.

FIGURE 2

The figure above shows upon installation the permissions the app is going to use upon installing it. An ordinary app to illuminate a phone will no way ethically access the location of the user. On the phone calls permission the app reads phone status and identity that is it can send out your device id to the developer. The aim of these permissions set out by the developer Is to trick users in getting their details and selling to advertisers to make money from a free app as set on goggle play. The company settled federal trade commission charges that the app deceived users about what actually their info is used for.

3.super –bright led torchby surpax technologies inc, total downloads 50,000,000

permissions needed by the app to run

Phone calls – read phone status and identity Network communication – receive data from internet view WIFI

connections view network connections Development tools – test access to protected storage