Story image

Do you use the Peel Smart Remote app? Delete or update it now

17 Apr 2019

If you or anyone you know has the Peel Smart Remote app installed on any Android devices, now is the time to update it or uninstall it entirely, because it could be sending your personal pictures, information, and documents to an unknown server.

The Peel Smart Remote app has been installed more than 100 million times – and with some terrible recent customer reviews to boot. 

However, last week security firm Pradeo Lab discovered that the Peel Smart Remote app was leaking users’ pictures to a server that doesn’t belong to the app developer, Peel Technologies.

The issues lie in the Peel Smart Remote app version 10.7.3.3. Although the app claims it merely enables your device to act as a smart remote for your TV, satellite box, streaming media players and home appliances, that particular version of the app asks for permissions that have very little to do with remote control functions.

The app asks for permissions including the device’s camera, read and write permissions for contacts, read permissions for calendar, the ability to kill background processes and disable keyguard, and the ability to record audio - amongst a long list of other permissions.

“According to the official Android app developers’ documentation, ‘External storage is the best place for files that don't require access restrictions and for files that you want to share with other apps or allow the user to access with a computer’. By writing anything on external storage, the Peel Smart Remote app highly exposes its users’ data. By reading it, it accesses users’ pictures, video, audio and any other files stored on it,” Pradeo Labs explains.

Pradeo Lab also found that the app also collects personal information like the user’s age, ethnicity, income, and political orientations and sends them over the network.

Although the new version of Peel Smart Remote (10.7.4.2) has removed the leaky behaviour, Peel Technologies has remained silent about the issues.

Peel Smart Remote is also littered with advertisements, lock screen overlays, and popups. What’s more, it still comes preinstalled on many tablets and smartphones.

Pradeo Lab recommends that people who use Peel Smart Remote should uninstall it or to update to the latest version to prevent pictures from being breached.

“Because applications’ update is not automatic on all Android devices, millions of users running the former version of the app are still currently exposed,” Pradeo Labs states.

Pradeo Labs does not mention whether the vulnerabilities affect the iOS version of Peel Smart Remote.

This Iron Man drone wants you to fly like a superhero
Iron Man must be one of the most popular superheroes of 2019 – because this year he has been transformed into a robot, and now he’s styled as his very own drone.
HP back on board with Emirates Team NZ
HP 3D print technology will supposedly help the team innovate at speed.
Do you use the Peel Smart Remote app? Delete or update it now
Peel Smart Remote could leak your personal pictures, information, and documents to an unknown server.
How printing solutions can help save the planet
Y Soft has identified five key ways organisations can become more economical and reduce their environmental impact.
Information is power when choosing electricity plans
While 90% of respondents knew their average power bill over the summertime, more than half didn’t know their kilowatt hour (kWh) price, or their monthly usage amount. 
A quick look at Haier & LG's take on the smart home revolution
Haier is going all-in on the smart home revolution – and it believes your home should be smart all the way from the laundry to the bedroom.
An 8K TV for $80,000? Samsung has you covered
8K televisions have landed in New Zealand, but they come with eye-watering price tags of up to $80,000.
Scammers targeting more countries in sextortion scam - ESET
The attacker in the email claims they have hacked the intended victim's device, and have recorded the person while watching pornographic content.