Nearly two years after Clean Master, an app promising antivirus protection and private browsing was removed from Google's Play Store, a new report has claimed that the app might be still causing trouble for its past and present users. The app that was developed by Cheetah Mobile, a Chinese Internet company, was removed from Google Play in 2018 after it was found that the app was allegedly involved in ad fraud schemes. At its peak, Clean Master was a quite popular app with over a billion downloads and it can be assumed that the app is still present on millions of smartphones.
According to a report by Forbes, Clean Master has been collecting all manner of private Web user data that a security firm shared with Google. As previous reports indicated that several apps by Cheetah Mobile including Clean Master were involved in ad fraud schemes, Google never officially revealed the reasons to remove the app(s) from its app store. Other Cheetah products — CM Browser, CM Launcher and Security Master — apps with millions of downloads have been also snooping into users' data, the report added citing a researcher at a cybersecurity company.
The report revealed that users' data such as browsing history, search engine queries, Wi-Fi access point names, and even scrolling patterns were collected by the app. This was even highlighted in an article by VPN Pro, a cybersecurity guidance website, which claimed that apps such as Clean Master was collecting "dangerous information" of the users and need to be uninstalled.
Cheetah Mobile's response to allegations
At the time when Cheetah Mobile was levelled with ad fraud allegations, the Chinese company had denied its apps could falsely claim ad clicks for profit. Amid the latest allegations, the company told Forbes that it is (emphasis ours) collecting users' Web traffic and other data, "but is doing so largely for security reasons".
"For instance, it's monitoring Internet browsing to ensure the websites users are visiting aren't dangerous. It's also doing so to provide certain services like suggesting recent trending searches," the report added citing Cheetah Mobile's response.
The company also said that it is accessing Wi-Fi network names to prevent users from joining malicious Wi-Fi networks.
Meanwhile, multiple security experts told Forbes that there are much more secure ways to collect data for a better experience. Graham Cluley, a security analyst said such data collection was "clearly a concern."
"There are ways for a security firm to check for threats without having to collect so much information, which could potentially be used to lessen users' privacy," Cluley added.