Popular selfie app Meitu has made its way to the United States and the rest of Asia. However, security researchers are alarmed at the fact that the viral app tracks and spies on its users.
Meitu quickly became popular in the past weeks because of its selfie post-processing prowess. It turns the user's face into a cute and feminine caricature complete with blush ons and anime-like eyes. Even the background is changed and added with flowers and such.
The problem is that the app can be collecting sensitive information about the user. Meitu on iPhones tra the location and mobile carrier data while Android users unknowingly give up their unique IMEI codes which are sent back to China, The Verge has learned.
Most apps already track some kind of data from the user but they do not usually touch sensitive data. Location is often tracked by navigation apps such as Google's Maps or ride-hailing applications like Uber. The problem with Meitu is that they also track the IMEI which is unique for every smartphone and can be used as a basis for hacking
Forensic expert Jonathan Zdziarski told CNNTech that the trackers are for advertisements and revenue. The app is free to download from Google Play and the App Store which means the developers will have to find some way to monetize their product.
"We've come to accept ad and analytics trackers in our mobile apps," said Zdziarski. "Now, it's turning into 'crapware' that delivers a dozen or more trackers in the form of something cute the user wants to use."
Users can still try to tone down the tracking of any apps they installed by going to the App Permissions page in Settings. It can be done in both Android and iOS provided that the version is updated. Meitu can still be used without tracking the location of their users.
Watch the app in action below: