The first app, called 'File Recovery & Data Recovery,' had over a million installs, while the second app, File Manager, had over 500,000 installs. Additionally, the apps gathered media content such as pictures, audio, and video, as well as real-time user location, mobile country code, network provider name, and more. The stolen data included contact lists, both from the device itself and connected accounts such as email and social networks. Although the apps claimed not to collect any data on the Google Play website, the security researchers found that they collected highly personal information from users and sent it to multiple destinations, primarily located in China and identified as malicious.