Google has removed an Android app from the Play Store after security researchers from Symantec noticed the application was secretly scanning and stealing personal photos and videos from users' devices.
The app is HTML Source Code Viewer, and it was developed by a developer named Sunuba Gaming. At the time Google removed it, the application had between 1,000 and 5,000 installs.
The app's moniker is self-explanatory, and it allowed users to view the source code of a Web page. Users only had to enter a URL, and the application retrieved that site's source code and printed it on the screen. According to Symantec, the app did a little more than that. They say that HTML Source Code Viewer contained code that scanned the local "/DCIM/Camera" and "/DCIM/100LGDSC/" folders, the standard location on Android devices for storing images and videos.
The app then took all the data it found and uploaded it to an online server located in Azerbaijan, at proqnoz.info. The app's latest update dates back to January 2015. Symantec says that it managed to access the server folder where all the data was uploaded, and it found images and videos dating back to March 2015. "This personal media could be used for blackmailing, ransomware attacks, identity theft, pornography, and other forms of victimization," Symantec's Shaun Aimoto explains.