Updated April 6 with news of a new crackdown on US apps in China.
It should be obvious, but unfortunately it isn’t. Some of the most popular apps you’ve probably downloaded onto your iPhone or Android smartphone are dangerous. And now the FBI is warning American citizens to stop all such installations.
The agency’s new Public Service Announcement highlights the “data security risks associated with foreign-developed mobile applications (apps) commonly used in the United States; however, these concerns are global. As of early 2026, many of the most downloaded and highest-grossing apps in the United States will be developed and maintained by foreign companies, especially those based in China.”
This warning is related to China’s infamous national security laws, which the FBI reminds smartphone users “potentially give the Chinese government access to mobile app users’ data.” In short, the laws require developers in China to do everything they can to support the country’s national security requirements – including data sharing. It’s the same mandate that plagued TikTok prior to its US split.
Article 7 of China’s National Intelligence Law says: “All organizations and citizens shall support, assist and cooperate with the efforts of national intelligence agencies in accordance with the law, and shall protect the national intelligence working secrets of which they are aware.”
Article 14 is more of a problem: “National intelligence agencies lawfully conducting intelligence efforts may request that relevant bodies, organizations and citizens provide necessary support, assistance and cooperation.”
These two clauses together are often used to define risks.
The FBI did not provide a list of Chinese apps or apps from developers in other high-risk locations. That list would be vast and fluid. Instead, the agency has set guidelines for citizens to follow before installing — or not installing — apps.
According to the New York Post, “the warning could apply to a range of widely used apps developed by Chinese companies – including video editing platform CapCut, shopping apps such as Temu and SHEIN, and social media platforms such as Lemon8 – several of which are among the most downloaded apps in the United States.”
TechRadar analyzed the current download charts for both iPhone and Android to highlight the implications of the agency’s PSA. On Android, TikTok Lite is the second most popular app, “headquartered in Singapore and Los Angeles, but generally a Chinese app,” while Temu comes in fourth, “built in China.” TikTok itself is in fifth place, followed by PDF & Launcher for Android from Hong Kong.
According to TechRadar, the iOS listing is “almost the same, with a few notable differences. It includes a game from Ta Ta Game Technology Limited, an app development company that doesn’t mention where it comes from at all, as well as a game from a Turkish developer.” While the Android risk is higher, given sideloading, iPhone users are far from immune to the risks associated with Chinese downloads.
TikTok, CapCut and Lemon8 operate in the US under the TikTok USDS LLC joint venture, formed in January and backed by Oracle. As such, US installations should not be viewed as Chinese or foreign owned, despite the provenance of the original apps and those still used elsewhere. The joint venture is largely American-owned.
More broadly, it’s important to note that the FBI didn’t mention any apps in its warning. While there are many Chinese apps among the most popular on Android and iOS, the agency has not specifically mentioned any, instead directing users to check all Chinese and foreign developed apps before installing them on their smartphones.
The FBI also says users should be aware “of the user data these apps request access to when downloaded.” But in reality, these privacy policies are very rarely checked. That’s why so-called consent abuse is such a nightmare for smartphone users. “When access is allowed by the user, the app may continuously collect data and private data from users across the device.”
Among the data at risk are contact lists, which allow those collecting the data in China or elsewhere to create social graphs. In the wrong hands, these are invaluable to nation-state hackers or mercenaries, who use a hack on one person to conduct social hacks on one or more high-value targets they know of.
“Some platforms offer the ability to invite friends or contacts to use the apps. Default permissions allow developer companies to store aggregated data about users’ private information and address books, such as names, email addresses, user IDs, physical addresses, and phone numbers of their stored contacts.”
The FBI also warns that “some apps claim that collected data is stored on servers in China for as long as developers deem necessary.” And while there may be settings to stop data sharing, they are rarely used. “Some apps do not allow users to operate the platform unless users consent to data sharing.”
While the focus of this new PSA is on the threat to user privacy, the agency also points out the risk that these foreign-developed apps “could also contain malware that can collect data beyond what is authorized by the user. This could include malicious code and difficult-to-remove malware designed to exploit known vulnerabilities in various operating systems and insert a backdoor for escalated privileges.”
The FBI’s warning is not a blanket instruction to stop downloading apps from Chinese developers. But before downloading such apps, users should carefully check whether they understand the privacy and data collection policies published on the App Store or Play Store, and then avoid installing apps with cumbersome practices. The advice is to stop installing such apps from outside the official stores.
This is a much bigger threat to Android than to iPhone users, given the openness of the ecosystem and the prevalence of high-risk sideloading. This is why Google is eliminating this risk – to some extent – by blocking installations from unknown developers at least, many of whom will be based abroad. “Official apps stores scan for malicious content, reducing the risk of malware or malicious code.”
Instead, users are urged to check every app they install against the agency’s guidelines below. If apps fall short, users should not install those apps or should uninstall the apps already on their phones:
- Don’t install apps anywhere other than official stores;
- Please read the terms of service or end user license agreements before downloading;
- Disable unnecessary data sharing;
- Change and update passwords regularly; and
- Perform device software updates regularly.
In somewhat ironic timing, with news of the FBI’s warning to US citizens about the dangers of Chinese apps continuing to circulate, China itself has issued a warning. “Apple removes Jack Dorsey’s Bitchat from Chinese App Store,” Bitcoin news reported on Monday. “Apple has removed decentralized messaging application Bitchat from the Chinese App Store following a request from Chinese authorities.”
According to Crypto news, China accused Dorsey’s decentralized messaging app of “violating the country’s internet service rules.”
According to reports, the Cyberspace Administration of China (CAC) has “declared that Bitchat has violated Article 3 of its regulations, a provision covering online services with public opinion or social mobilization capabilities that came into effect in 2018. As part of this framework, such services would have to undergo a security assessment before launch and be responsible for the outcome.”
Dorsey confirmed the news late Sunday. “Bitchat has been removed from the Chinese App Store,” he posted on X, sharing the notification the company had received. “We are writing to inform you that, at the request of the CAC, your application will be removed from the Chinese App Store because it contains content that is illegal in China and does not comply with the App Review Guidelines.”
“Bitchat has gained attention during periods of political unrest because the decentralized nature of the app allows communication even during internet shutdowns,” Crypto news explains. “This is also at odds with China’s tightly controlled internet censorship regime. Data from Chrome’s download statistics shows that the app has been downloaded more than three million times.”
Separately, and again somewhat ironically, Chinese regulators are also warning that the country’s citizens are now at risk from the latest iOS vulnerabilities, which have recently been patched, causing a lot of fury in Apple’s ecosystem.
Local media reports that “attackers are abusing tools that target Apple terminals to carry out cyberattacks that could lead to information theft and complete compromise of devices, China’s Ministry of Industry and Information Technology warned.”
And so this tit-for-tat plays out in the public gaze. There has always been an asymmetry when it comes to American apps in China versus Chinese apps in America, which was also addressed in the TikTok debate. Perhaps the FBI’s latest warning represents the beginning of a campaign to put this right.
Meanwhile, the FBI is telling iPhone and Android users that “if you believe your data has been compromised, or if you have experienced suspicious activity related to a foreign-developed mobile app,” you can file a complaint at www.ic3.gov. If you do this, the agency will ask you to provide the following:
- “Device type and operating system;
- Name of the app and the developer or company;
- Where the app was downloaded;
- Date the user downloaded or started using the app;
- Specific permissions granted to the app;
- Types of data believed to be compromised such as contact lists, location, messages, photos, etc.;
- Any suspicious activity on the device or accounts after installing the app, such as unusual data usage, battery drain, unauthorized access, etc.;
- Whether the app was used via a cloud-based or locally downloaded version;
- Any malware detection alerts or security alerts received; or
- Financial loss or identity theft due to app use.”
This article was originally published on Forbes.com
