- TCL was caught pushing nasty apps on the Google Play Store via various subsidiaries.
- The apps ask for many permissions that they shouldn’t need to access, like the GPS and camera.
- TCL has a long history of pushing malware, and they have never given explanations about it.
Researchers from “VPNPro” have discovered a new batch of Chinese apps that are available on the Play Store, and which are asking the users to grant them various permissions. The 24 apps that were discovered have been downloaded by more than 382 million users, and are all developed by companies that belong to TCL’s ecosystem. TCL Corporation is a Chinese electronics maker who sells products under its own brand name, as well as Alcatel, Thomson, and BlackBerry.
In fact, TCL was caught red-handed in January 2019 by Upstream researchers, and yet it returned to ad-fraud operations again in April 2019 as if nothing had happened. This was a clear indication that TCL wasn’t suffering from an internal compromise of their development tools, but rather was knowingly engaging in the malicious practice. Of course, the company never admitted or disputed any of these allegations, and never provided an official explanation, so this raised the suspicions even further. TCL has a strong relationship with the Chinese government, so pushing spyware on purpose doesn’t come as a surprise.
The new batch of apps that users should avoid are the following:
- Super Cleaner by Hawk App
- Hi Security by Hi Security
- Candy Selfie Camera by ViewYeah Studio
- Super Battery by Hawk App
- Gallery by Alcatel Innovative Lab
- Hi VPN by Hi Security
- Net Master by Hi Security
- Filemanager by mie-alcatel.support
- Apps (not on the Play Store)
- Calculator (not on the Play Store)
- Joy Recorder by mie-alcatel.support
- Weather by mie-alcatel.support
- Launcher developed by mie-alcatel.support
- Virus Cleaner 2019 by Hi Security
- Calendar Lite by mie-alcatel.support
- Sound Recorder: Recorder & Voice Changer Free by mie-alcatel.support
Some of the above are pushed on the Play Store under the same name and code but are promoted by different developers, so we have a total of 24 apps. Those that request the most permissions are the “Virus Cleaner 2019”, and the “Candy Selfie Camera” In general, there are unjustified ‘fine location’ access requests, as well as inexplicable ‘camera’ and ‘get accounts’ requests. These apps are reportedly getting your location data 14,000 times per day, selling the data for $4 per month per 1,000 items.
Until TCL explains the situation to the public, we suggest that you stay away from their products. Even if they are not directly liable for this situation, they should have published an official statement explaining what’s going on. Their products are available worldwide, so they should be compelled by consumer protection organizations to give explanations immediately. Any failure to do so should result in their ban from foreign markets.