"Baidu Apps in Google Play Leak Sensitive Data"
Researchers at Palo Alto Unit 42 discovered that multiple Android mobile apps found in Google Play, including Baidu Search Box and Baidu Maps, leak data that could be used to track users, even if they switch devices. The apps in question expose a range of information, including: Phone model; screen resolution; phone MAC address; wireless carrier; network (Wi-Fi, 2G, 3G, 4G, 5G); Android ID; International Mobile Subscriber Identity (IMSI); and International Mobile Equipment Identity (IMEI). Adversaries could use the information to track users across devices, disable phone service, or intercept messages and phone calls. The applications in question have each been downloaded millions of times.
Threatpost reports: "Baidu Apps in Google Play Leak Sensitive Data"