Two popular Baidu apps were temporarily unavailable on the Google Play Store in October after they were caught collecting sensitive user details. The discovery was made by network security firm Palo Alto Networks. Google pulled the apps on October 28, citing “unspecified violations” The apps were found to collect device identifiers, such as the International Mobile Subscriber Identity (IMSI) number or MAC address, without users’ knowledge, thus making them potentially trackable online. The origin of the data leak was traced to the apps’ Push SDK and ShareSDK from the Chinese vendor MobTech.
Source: https://thehackernews.com/2020/11/baidus-android-apps-caught-collecting.html