Tuesday, March 21

Is ‘New Profile Pic’ App a Russian Malware Scam?

In May 2022, a new profile pic app, officially named “NewProfilePic Picture Editor” in the Apple Store and “NewProfilePic: Profile Picture” in the Google Play store, shot to the top of mobile charts with hundreds of thousands of downloads. As people post photos from this new app, a piece of mobile software that uses artificial intelligence to create profile pics that look as if they had been painted, messages started circulating on social media claiming that this app was some sort of Russian malware scam.

Some social media users claimed the app was stealing data in a criminal fashion. Others claimed it was based in Russia and connected to the Kremlin. Another rumor accused the app of being malware and taking money out of people’s accounts. We looked into each of these claims and found that they were largely without merit or unsubstantiated. While this app does collect some user data, its privacy policy isn’t out of the ordinary.

Is the New Profile Pic App Stealing Data?

People are often surprised to learn just how much personal data mobile apps are allowed to access. When claims started circulating that the New Profile Pic app was some sort of scam, many people shared screenshots of the app’s privacy policy.

One person shared a screenshot of the requested app permissions and wrote: “DO NOT download the NEW PROFILE PIC.COM APP it takes all your information and sends it to Moscow!!!!!!!”

Text, Menu

The permissions listed in the above-displayed image aren’t out of the ordinary, in terms of what many popular mobile apps do. When we compared the contents of this screenshot to that of other top apps, such as TikTok, WhatsApp, and Instagram, we found that requesting users’ permission to “receive data from internet” and “have full network access” isn’t unusual. People should certainly be aware that they are granting this amount of access to companies when they download their apps. That said, New Profile Pic’s permissions aren’t abnormal.

Also Read  US disrupts Russian Cyclops Blink botnet before being used in attacks

Is New Profile Pic app Based in Russia?

New Profile Pic was created by a mobile development group called Informe Laboratories, Inc., and copyrighted by Linerock Investments LTD, according to the listings in Google’s and Apple’s app stores. These companies are also behind the popular apps “Photo Lab Picture Editor & Art” and “ToonMe – cartoons from photos,” two apps that collectively have millions of reviews, the vast majority of which are five stars.

On both Google’s and Apple’s app store, the developer’s location is listed as being Tortola in the British Virgin Islands.

The claim that this app was connected to Russia or the Kremlin was based on screenshots that supposedly showed how the website newprofilepic.com had been registered in Moscow.

When we looked up this domain on May 11, our results showed that this website was registered in Florida. However, it’s possible that the registering location was something different before that time. We reached out to Linerock Investments for more information. A spokesperson told us via email that the company is located in the British Virgin Islands, but that an international team of developers, some of whom reside in Russia, worked on the app.

The spokesperson said: “We are a BVI company. Our app is being developed by an international team with development offices in Russia, Ukraine and Belarus.”

Is This App Stealing Money?

Another popular social media rumor claimed that people had money taken out of their bank accounts shortly after downloading this app. This is one example:

We have not been able to confirm or disprove that this actually happened. Furthermore, many details surrounding such claims are unknown. (Was this charge for a subscription? Was the money refunded? Did the user provide credit card information to the app?)

Also Read  NFL mock draft: Will Georgia's Travon Walker be first pick?

We reached out to Google, Apple, and the user who posted the above-displayed message, and we will update this article if more information becomes available. Linerock did not respond to this specific claim, but they did tell us that the app is “absolutely free and it does not contain in-app purchases so it does not require any payment information of the users.”

Is New Profile Pic App Safe To Use?

In sum, the claim that this app is unusually invasive is untrue. Its requested app permissions are similar to other mainstream apps. The claim that this app is stealing data for the Kremlin is also unsupported by evidence. This app was developed by a company in the British Virgin Islands that uses a team of international developers, some of whom live in Russia. Lastly, the claim that users of this app had money taken out of their bank accounts is, so far, unsubstantiated.

While this app requests permission to access certain data on your phone, these requests aren’t unusual. You can read more about the company’s privacy policy on its website.

It is also worth reiterating that this app didn’t come from a new company, and New Profile Pic isn’t their first app. ToonMe and PhotoLab, two of the developer’s other apps, have more than 150 million installs on Google Play. Both of those apps have been around for years, and we are unaware of any reports that they have been used to steal money from people’s bank accounts, or to give users’ data to the Kremlin.

Also Read  'SNL' Alum Blasted by Sexual Assault Accuser in Interview About Allegations

A spokesperson for the app told us: “The NewProfilePic app does not store users’ accounts or any personal data. …This app is safe for people to use it.”

Leave a Reply

Your email address will not be published. Required fields are marked *