Russian Malware Scam: Is the New Profile Pic App a Scam

May 2022 saw a surge in popularity for a new profile picture app called “NewProfilePic Picture Editor” in Apple’s App Store and “NewProfilePic: Profile Picture” in Google’s Play Store, with hundreds of thousands of downloads.

Social media users began spreading rumors that the new app, which uses artificial intelligence to create profile pictures that appear painted, was some sort of Russian malware scam as users shared their photos.

 

It was claimed by some social media users that the app was stealing data illegally. It was also claimed that the Kremlin had ties to it. Rumors have been circulating alleging the app is malware that drains bank accounts. There was little merit in any of these claims, according to our investigation. A standard privacy policy is followed by this app, which does collect some user data.

 

RELATED –

 

Is There Data Being Stolen by the New Profile Picture App?

Oftentimes, people are taken aback by the extent to which their personal data can be accessed by mobile apps. Many people shared screenshots of the privacy policy of the New Profile Pic app when rumors started spreading that it was a scam.

 

Using a screenshot of the app permissions requested, one user wrote: “DO NOT download the New Profile Pic.com APP it takes your information and sends it to Moscow!!!!!!!!”

 

Ink, Paper, and a Menu

 

According to popular mobile apps, the permissions listed in the image above are not out of the ordinary. It’s not unusual for popular apps to ask for permission to “receive data from the internet” and “have full network access,” as we discovered when we compared this screenshot to others from TikTok, WhatsApp, and Instagram.

It’s important for people to know that they are handing over this much information to companies when they download apps. There is nothing unusual about the permissions granted to New Profile Pic.

 

Do you know where New Profile Pic is?

According to the app’s descriptions in the Google and Apple app stores, the new profile picture was designed by Informe Laboratories, Inc. and is owned by Linerock Investments LTD under a copyright license.

Photo Lab Picture Editor & Art and ToonMe – cartoons from photos, two of the most popular apps on the market, are also developed by these companies and have millions of five-star reviews.

 

The developer’s location is listed as Tortola in the British Virgin Islands on both Google’s and Apple’s app stores.

 

On the basis of screenshots, the website newprofilepic.com was said to have been registered in Moscow, leading some to believe that this app had some connection to Russia or the Kremlin.

 

This domain was registered in Florida on May 11, according to our results. Because the company’s founder had lived in Moscow at one point in time, Linerock Investments informed us that the domain name had been registered there.

However, a company representative claimed that the person responsible for the domain registration had moved, and as a result, the company changed the registration address “to avoid any confusion.”

 

RELATED –

 

An email from a spokesperson stated:

 

Having registered the domain to a Moscow address is true. The company’s founder used to live at this address in Moscow. At the moment, he does not reside in Russia. To avoid any misunderstandings, the address has been updated.

 

 

This app was created by a British Virgin Islands-based company with a multi-national staff, including developers in Russia. According to a spokesperson:

 

We’re a BVI corporation. An international team based in Russia, Ukraine, and Belarus is working on our app.

 

It was reported by the Daily Mail that this app was developed by a company “overlooking the Moscow River three miles from Red Square,” implying a connection between this app and the Kremlin.

A spokesperson for Linerock told us that The Daily Mail was referring to the Moscow address of lawyers who had registered the company, not the company itself. According to a spokesperson:

 

It’s the address of the lawyers who registered the company on the Moscow River. There has never been a place for us to work there.

 

A lengthy response to the rumors was posted on Linerock’s website photo. According to the company, no user images or data are sent to Moscow: Amazon AWS and Microsoft Azure are the two servers they use.

 

However, the app’s popularity has its downsides. Daily Mail UK claims that NewProfilePic is likely to ‘hoover up your data and send it to Moscow,’ because the app was ‘developed by a tech company in Moscow.”

 

We can’t help but think of the eerily similar “Bangladesh story.” It is our only option to reaffirm time and time again that all of our apps, including NewProfilePic, are safe. BVI company with offices in Russia, Ukraine, and Belarus In spite of this, your photos (or any other data) are not transmitted to Moscow.

Amazon AWS and Microsoft Azure servers in the United States host all of our apps and user images. All of those AI-driven effects would not be possible without this.

 

Do You Think This App Is Taking Money from You?

An additional widespread social media rumor claimed that users’ bank accounts were automatically debited after using this app for a short period of time. As an example, here is one:

 

So far, we haven’t been able to prove or disprove that this actually occurred. Furthermore, there is a slew of unanswered questions surrounding these assertions. (Was there a fee associated with this?) Is the money back in my account? No, the user did not give the app their credit card information.

 

This article will be updated if we receive any further information from Google, Apple, or the user who posted the above-displayed message. As of this writing, the New Profile Pic App is “absolutely free, and does not contain in-app purchases, so it does not require any payment information from the users,” according to a spokesperson for the app.

 

The app has added in-app purchases since this article was published.

 

There are a lot of apps with similar names in the app stores, according to the spokesperson, and some of them have subscriptions or in-app purchases. Customers may have unwittingly used one of these look-alike apps and been charged, according to the company spokesperson. They said in a statement to Snopes, ”

 

People use app store search to find our #NewProfilePic app because all of the photos shared on social media have our logo. Other apps with similar names can be found in the search results.

As well as in-app purchases, some of these apps have Misleading, some users may have to download multiple apps to achieve the desired result, and in some cases, they may have to pay to unlock the trial version.

As soon as the trial period ends, the subscription is still active, and they will be billed. Our apps aren’t actually responsible for the charges that are currently being levied.

 

Has Anyone Experienced Any Problems With the New Profile Pics App?

This app is not excessively intrusive, as some have claimed. The permissions it asks for are typical of those requested by other well-known apps. No evidence exists to support the claim that this app steals data for the Russian government.

Developed by a company in the British Virgin Islands that employs a team of international developers, some of whom live in Russia. Finally, there is no evidence to support the claim that users of this app had money taken from their bank accounts.

 

However, this app asks for permission to access some data on your phone, which isn’t out of the ordinary. On the company’s website, you can learn more about its privacy policies.

 

 

It’s also worth noting that New Profile Pic isn’t the first app from this company and that this isn’t the first time they’ve released an app. Over 150 million people have downloaded the developer’s other apps, including ToonMe and PhotoLab, which have each amassed over 150 million installs.

Neither of these apps has been reported to have been used to steal money from bank accounts, or to hand over user data to the Kremlin, in the past few years.

 

“The NewProfilePic app does not store user accounts or any personal data,” a spokesperson for the app told us…

 

People can safely use this app.”

 

In spite of the fact that there’s nothing unusual about this app, cybersecurity expert Joseph Steinberg urged users to exercise caution when downloading apps from other countries, especially if those apps originate from the United States.

 

Steinberg said in an interview with WFMY’s News 2:

 

What a shock when the company’s headquarters suddenly appear to be based in Moscow and the company is collecting my personal information.” As a real issue, they aren’t asking about their other 30 apps on their phone that are doing the same thing.

If you read the fine print, this app actually collects fewer pieces of data than most others. As far as I know, Facebook has more information than TikTok does. As a matter of fact, you don’t know how this app (or any other app from a foreign country) shares your information.

LEAVE A REPLY

Please enter your comment!
Please enter your name here