Researchers Warn About 24 Risky Apps from Chinese Tech Giant TCL

  • TCL was caught pushing nasty apps on the Google Play Store via various subsidiaries.
  • The apps ask for many permissions that they shouldn't need to access, like the GPS and camera. 
  • TCL has a long history of pushing malware, and they have never given explanations about it. 

Researchers from "VPNPro" have discovered a new batch of Chinese apps that are available on the Play Store, and which are asking the users to grant them various permissions. The 24 apps that were discovered have been downloaded by more than 382 million users, and are all developed by companies that belong to TCL’s ecosystem. TCL Corporation is a Chinese electronics maker who sells products under its own brand name, as well as Alcatel, Thomson, and BlackBerry.

Source: VPNPro Blog

In fact, TCL was caught red-handed in January 2019 by Upstream researchers, and yet it returned to ad-fraud operations again in April 2019 as if nothing had happened. This was a clear indication that TCL wasn’t suffering from an internal compromise of their development tools, but rather was knowingly engaging in the malicious practice. Of course, the company never admitted or disputed any of these allegations, and never provided an official explanation, so this raised the suspicions even further. TCL has a strong relationship with the Chinese government, so pushing spyware on purpose doesn't come as a surprise.

Source: VPNPro Blog

The new batch of apps that users should avoid are the following:

  • Super Cleaner by Hawk App
  • Hi Security by Hi Security
  • Candy Selfie Camera by ViewYeah Studio
  • Super Battery by Hawk App
  • Gallery by Alcatel Innovative Lab
  • Hi VPN by Hi Security
  • Net Master by Hi Security
  • Filemanager by
  • Apps (not on the Play Store)
  • Calculator (not on the Play Store)
  • Joy Recorder by
  • Weather by
  • Launcher developed by
  • Virus Cleaner 2019 by Hi Security
  • Calendar Lite by
  • Sound Recorder: Recorder & Voice Changer Free by

Some of the above are pushed on the Play Store under the same name and code but are promoted by different developers, so we have a total of 24 apps. Those that request the most permissions are the "Virus Cleaner 2019", and the "Candy Selfie Camera" In general, there are unjustified 'fine location' access requests, as well as inexplicable 'camera' and 'get accounts' requests. These apps are reportedly getting your location data 14,000 times per day, selling the data for $4 per month per 1,000 items.

Until TCL explains the situation to the public, we suggest that you stay away from their products. Even if they are not directly liable for this situation, they should have published an official statement explaining what’s going on. Their products are available worldwide, so they should be compelled by consumer protection organizations to give explanations immediately. Any failure to do so should result in their ban from foreign markets.

How to Watch Christmas on Cherry Lane Online from Anywhere
Christmas on Cherry Lane depicts three families and their holiday traditions. This holiday film will premiere on the Hallmark Channel in the...
How to Watch EPCR Challenge Cup 2023/24 Online from Anywhere 
Rugby fans are looking forward to the start of the EPCR Challenge Cup 2023, which will pit 18 of the top club...
How to Watch Merry Little Batman Online Free from Anywhere
The beginning of the holiday season heralds the release of a new superhero Christmas special, Merry Little Batman, which takes us to...
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: Chrome, Edge, Firefox, Safari