Home > Cyber News > HTML Source Code Viewer Android App Steals Media from Developers

HTML Source Code Viewer Android App Steals Media from Developers


Unfortunately, Google Play is full of booby traps and users should always be careful with the apps they install. Recent examples of applications that turned out to be more than what the user has bargained for are:

Have You Installed HTML Source Code Viewer?

Another dubious app should be added to the list. HTML Source Code Viewer was just uncovered by Symantec researchers. The app stealthily steals photos and videos from mobile devices. Data and media stealing apps is not news. However, this piece of code seems to be rather interested in a specific group of users – web and app developers.

The HTML Source Code Viewer app by Sunuba Gaming poses as a development tool, then steals pictures and videos from mobile devices.

Symantec stumbled upon the app while enhancing their mobile cloud-based software Mobile Insight. The researchers were particularly looking for apps that leak personally identifiable information. HTML Source Code Viewer immediately made them suspicious, as it was displaying malicious behavior. The app poses as a development tool but in fact posts files stored on the device “/DCIM/Camera” and “/DCIM/100LGDSC/” (standard photo and video storage locations) to a web server hosted on proqnoz(.)info.

Proqnoz(.)info hosts tons of personal media files, the oldest of which date back to March, 2015. Why are the developers of Sunuba Gaming collecting PII of other developers? They may be doing this illegal data collection for plenty of reasons like blackmailing, ransomware attacks, identity theft.

What is worse is that HTML Source Code Viewer has been downloaded from thousands us users, ranging from 1,000 to 5,000.

What Android Versions Are Endangered by HTML Source Code Viewer?

The malicious app targets all versions of Androud, Gingerbread included, and uses the following permissions:

android.permission.INTERNET (allows app to open network connections)
android.permission.ACCESS_NETWORK_STATE (allows the app to access information about networks)
android.permission.READ_EXTERNAL_STORAGE (allows the app to read from external storage)
android.permission.WRITE_EXTERNAL_STORAGE (allows the app to write to external storage)

Why You Should Monitor Your Apps and the Permissions You Grant Them

On one hand, you have apps that are often used by advertisers to collect sensitive information about you. In 2010, The Wall Street Journal made an investigation on 101 applications and showed how marketers were tracking mobile users through apps, or various mobile software products installed on users’ smartphones. Researchers found out that 56 of the investigated apps shared (with advertisers) the phone’s unique ID number, 47 apps shared the phone’s location and 5 shared personal information about the user.

On the other hand, you can easily download a malicious app masqueraded as regular. Some apps, like HTML Source Code Viewer, are developed to target specific groups of people. This means that malicious app developers are figuring out new ways to get to users and victimize whatever information they are after.

Read More about Targeted Advertising

What Can You Do to Manage Your App Permissions?

  • Research your applications before installing them;
  • Carefully read the privacy policy, terms of service and list of permissions in Google Play Store;
  • Check if the permissions the app asks are covered by the app’s functionalities;
Read More about Android App Permissions

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:

Leave a Comment

Your email address will not be published. Required fields are marked *