Main points
- The FBI is warning about security risks associated with mobile apps developed in China due to the possibility of accessing user data without their consent.
- Users are advised to avoid Chinese apps, remove unnecessary permissions, download apps from official stores, and use complex passwords.
The hidden threat in your smartphone: why intelligence agencies advise you to review the list of programs / Collage 24 Channel/Depositphotos/Freepik
Mobile users have grown accustomed to the convenience offered by the world's most popular apps. But behind the scenes, their favorite services are carrying out a massive data collection campaign that could put the privacy of millions of people at risk.
What mechanisms do Chinese developers use to gain access to your private life?
The Federal Bureau of Investigation has issued an official warning about the significant security risks associated with mobile applications developed by foreign companies, particularly those based in China. As of early 2026, a significant portion of the most downloaded and profitable applications on the market belong to foreign entities, which is of great concern to the FBI, writes GBHackers.
The problem of laws
The main problem is that the digital infrastructure of such developers is subject to local laws, which allows government agencies to access user data without their direct consent.
One of the most worrying aspects is excessive data collection. Many apps, upon installation, request numerous permissions that allow them to continuously collect data, even when the user is not using the app at the time.
Your contacts
Particular attention is paid to access to contact lists. Some services encourage synchronization of the address book, after which the developers receive and store the names, phone numbers, email addresses and physical addresses not only of the device owner, but also of people who did not install this application at all, the FBI notes in its statement.
The privacy policies of many such products explicitly state that the collected information, including personal data and system inputs, is stored on servers in China. The storage period is often unlimited or lasts as long as the developer deems necessary. Some platforms even block access to their functionality if a person refuses to agree to the full transfer of their data.
Controversial updates
In addition to privacy issues, there is a direct technical threat. Security services warn of the possibility of malicious code being introduced into applications during one of the updates.
App stores pay the most attention to the first download of an application, but do not monitor subsequent updates as closely. This fact has repeatedly led to the fact that applications that were initially presented as useful utilities for scanning documents, reading PDF files, accessing VPNs, or other functions, eventually downloaded malicious updates and began to perform other functions that the developer did not declare.
Hidden software can exploit vulnerabilities in mobile operating systems, install backdoors, and elevate system privileges, opening the door to sensitive information. In the worst-case scenarios, such programs can silently download additional malicious components, leading to identity theft, financial fraud, or surveillance.
What to do?
To protect your information, experts, including Bleeping Computer, recommend following basic digital hygiene:
- It is worth removing unnecessary permissions in the program settings and downloading software only from official stores, as third-party resources often ignore security checks.
- It is also critical to regularly update the software on the device itself and use password managers to create complex and unique combinations instead of simple passwords that are easy to crack.
- Of course, the FBI recommends not using Chinese programs, but instead choosing American or European counterparts.
- If suspicious activity is detected after installing a foreign application, law enforcement officers advise reporting it through specialized cybercrime complaint centers, but this is not only relevant for Americans.