Researchers Warn About 24 Risky Apps from Chinese Tech Giant TCL

  • TCL was caught pushing nasty apps on the Google Play Store via various subsidiaries.
  • The apps ask for many permissions that they shouldn't need to access, like the GPS and camera. 
  • TCL has a long history of pushing malware, and they have never given explanations about it. 

Researchers from "VPNPro" have discovered a new batch of Chinese apps that are available on the Play Store, and which are asking the users to grant them various permissions. The 24 apps that were discovered have been downloaded by more than 382 million users, and are all developed by companies that belong to TCL’s ecosystem. TCL Corporation is a Chinese electronics maker who sells products under its own brand name, as well as Alcatel, Thomson, and BlackBerry.

Source: VPNPro Blog

In fact, TCL was caught red-handed in January 2019 by Upstream researchers, and yet it returned to ad-fraud operations again in April 2019 as if nothing had happened. This was a clear indication that TCL wasn’t suffering from an internal compromise of their development tools, but rather was knowingly engaging in the malicious practice. Of course, the company never admitted or disputed any of these allegations, and never provided an official explanation, so this raised the suspicions even further. TCL has a strong relationship with the Chinese government, so pushing spyware on purpose doesn't come as a surprise.

Source: VPNPro Blog

The new batch of apps that users should avoid are the following:

  • Super Cleaner by Hawk App
  • Hi Security by Hi Security
  • Candy Selfie Camera by ViewYeah Studio
  • Super Battery by Hawk App
  • Gallery by Alcatel Innovative Lab
  • Hi VPN by Hi Security
  • Net Master by Hi Security
  • Filemanager by
  • Apps (not on the Play Store)
  • Calculator (not on the Play Store)
  • Joy Recorder by
  • Weather by
  • Launcher developed by
  • Virus Cleaner 2019 by Hi Security
  • Calendar Lite by
  • Sound Recorder: Recorder & Voice Changer Free by

Some of the above are pushed on the Play Store under the same name and code but are promoted by different developers, so we have a total of 24 apps. Those that request the most permissions are the "Virus Cleaner 2019", and the "Candy Selfie Camera" In general, there are unjustified 'fine location' access requests, as well as inexplicable 'camera' and 'get accounts' requests. These apps are reportedly getting your location data 14,000 times per day, selling the data for $4 per month per 1,000 items.

Until TCL explains the situation to the public, we suggest that you stay away from their products. Even if they are not directly liable for this situation, they should have published an official statement explaining what’s going on. Their products are available worldwide, so they should be compelled by consumer protection organizations to give explanations immediately. Any failure to do so should result in their ban from foreign markets.

How to Watch Macy Murdoch Online: Stream the 2023 Spin-Off Series from Anywhere
Macy Murdoch is a new original tween mystery series, and we have the episode guide and release schedule, premiere date, cast, and...
Euro 2024 Qualifiers Live Stream: How to Watch International Soccer Online from Anywhere
The road to Euro 2024 is about to get underway, and Europe’s leading soccer stars will be battling it out to qualify...
How to Watch Redemption Online for Free: Stream the Paula Malcomson Series from Anywhere
Redemption is an upcoming British drama TV series featuring Paula Malcomson. You will find below all the information you may need, including...
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: Chrome, Edge, Firefox, Safari