Dangerous Play Store apps are revealing personal data of Android users
Android Users at Risk: AI Apps Leak Personal Data – What You Need to Know
The Google Play Store, while offering a vast library of applications, harbors a growing number of potentially dangerous AI-powered apps. Recent investigations have revealed that many of these unlicensed and unsecured apps are exposing billions of personal records belonging to Android users. The core issue? Sloppy cloud configurations and hardcoded credentials within the apps themselves are leaving sensitive data vulnerable to unauthorized access.
The Case of Video AI Art Generator & Maker and IDMerit
One app, “Video AI Art Generator & Maker,” has emerged as a significant concern. Its developer, Codeway, also created another problematic app called IDMerit. IDMerit, installed over 500,000 times, leaked over 1.5 million user images, more than 385,000 videos, and millions of AI-generated files. This leak occurred due to a misconfigured Google Cloud Storage bucket, allowing public access to over 12 TB of user data – a total of 8.27 million media files collected since its launch in June 2023.
KYC Data Exposure: A Serious Threat
The situation escalated with the exposure of “Know-Your-Customer” (KYC) data from IDMerit. This highly sensitive information, legally required for identity verification by businesses and financial institutions, included full names, addresses, postcodes, dates of birth, national IDs, phone numbers, genders, and email addresses. The compromised data belonged to individuals in the U.S. and 25 other countries, including Germany, France, China, and Brazil.
Hardcoded Secrets: A Widespread Vulnerability
A significant contributing factor to these leaks is the practice of “hardcoding secrets” – embedding sensitive information like passwords and encryption keys directly into the app’s source code. Cybernews research found that 72% of hundreds of Play Store apps analyzed exhibited this vulnerability. If hardcoded keys are exposed in public repositories like GitHub, malicious bots can compromise them within seconds, with studies showing compromise occurring in under five seconds.
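Hardcoded secrets of this kind can be caught before an app ships. The following is an added example, not code from the article or from the Cybernews research: a Python check a developer could run in CI over their own project's res/values/strings.xml. The regular expressions, thresholds, function names and the sample file are assumptions of this example, and every key in the sample is fake.

```python
import math
import re
import xml.etree.ElementTree as ET

# Credential formats to flag. The pattern set is this example's assumption.
PATTERNS = {
    "google_api_key": re.compile(r"AIza[0-9A-Za-z_\-]{35}"),
    "aws_access_key_id": re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b"),
    "pem_private_key": re.compile(r"-----BEGIN (?:[A-Z]+ )?PRIVATE KEY-----"),
}
SECRET_NAME = re.compile(r"secret|passw|token|api_?key|private", re.I)

def shannon_entropy(s):
    """Bits per character; random keys score high, prose scores low."""
    return -sum((n / len(s)) * math.log2(n / len(s))
                for n in (s.count(c) for c in set(s))) if s else 0.0

def scan_strings_xml(xml_text, min_len=16, min_entropy=3.5):
    """Return (resource name, finding label, redacted value) tuples."""
    findings = []
    for node in ET.fromstring(xml_text).iter("string"):
        name, value = node.get("name", ""), (node.text or "").strip()
        labels = [k for k, rx in PATTERNS.items() if rx.search(value)]
        # Fallback: secret-sounding name + long, space-free, high-entropy value.
        if (not labels and SECRET_NAME.search(name) and len(value) >= min_len
                and not re.search(r"\s", value)
                and shannon_entropy(value) >= min_entropy):
            labels = ["high_entropy_value"]
        # Redact so the scanner's own report does not leak the credential.
        findings += [(name, label, value[:4] + "****") for label in labels]
    return findings

# Constructed sample; every key below is fake.
FAKE_GOOGLE = "AIza" + "EXAMPLE" * 5      # 4 + 35 characters
FAKE_AWS = "AKIA" + "EXAMPLE0" * 2        # 4 + 16 characters
SAMPLE = f"""<resources>
  <string name="app_name">Video Editor</string>
  <string name="maps_key">{FAKE_GOOGLE}</string>
  <string name="storage_id">{FAKE_AWS}</string>
  <string name="backend_password">q7Rz!pL2vX9#mK4tB8wN</string>
  <string name="password_hint">Enter your password</string>
</resources>"""

if __name__ == "__main__":
    for finding in scan_strings_xml(SAMPLE):
        print(finding)
```

The whitespace test keeps user-facing text such as the password hint from being reported, even though its name sounds sensitive and its entropy is above the threshold.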
Google’s Response and AI-Powered Defenses
Google is actively working to combat these threats. In 2025, the company blocked 1.75 million policy-violating apps and banned 80,000 malicious developer accounts, leveraging AI-driven review systems. Google’s Play Protect anti-malware service also prevented 255,000 apps from accessing sensitive user data. Google reports a decrease in malicious actors targeting the Play Store, attributing this shift to increased investment in proactive security systems and AI technology. Codeway secured access to the IDMerit data on February 3rd.
Protecting Yourself: What Android Users Can Do
Users can take several steps to mitigate their risk. Examine a developer’s app portfolio; a large number of similar-looking titles may indicate a focus on quantity over quality. Look for the “Verified Developer” badge in the Play Store. Be wary of apps that cause excessive battery drain or overheating, even when closed. Exercise caution with apps offering lifetime Pro subscriptions at unusually low prices. Regularly scan your device using Google’s Play Protect (Play Store > Profile icon > Play Protect > Scan).
Future Trends in Android Security
The increasing sophistication of AI-powered threats necessitates a continuous evolution of security measures. One can expect to see:
- Enhanced AI-Driven Threat Detection: Google and other security firms will likely refine their AI models to proactively identify and block malicious apps before they reach users.
- Improved App Sandboxing: More robust sandboxing techniques will limit the access apps have to sensitive data and system resources.
- Developer Accountability: Stricter enforcement of security best practices and increased penalties for developers who neglect data protection.
- User Education: Continued efforts to educate users about the risks associated with downloading apps from untrusted sources and the importance of reviewing app permissions.
FAQ
Q: What is KYC data and why is it so sensitive?
A: KYC data is personal and professional information collected for identity verification. Its compromise can lead to identity theft, financial fraud, and other malicious activities.
Q: How does Google Play Protect work?
A: Play Protect scans apps before and after installation, looking for potentially harmful behavior and malware.
Q: What should I do if I think my data has been compromised?
A: Change your passwords, monitor your financial accounts for suspicious activity, and report the incident to the appropriate authorities.