Do not install these apps — new FBI warning.
NurPhoto via Getty Images

FBI Warns iPhone And Android Users—Do Not Install These Apps

· Yahoo News

It should be obvious — but unfortunately it’s not. Some of the most popular apps you have likely downloaded on your iPhone or Android smartphone are dangerous. And now the FBI is warning U.S. citizens to stop all such installs.

The bureau’s new Public Service Announcement highlights the “data security risks associated with foreign-developed mobile applications (apps) frequently used in the United States; however, these concerns are global. As of early 2026, many of the most downloaded and top-grossing apps in the United States are developed and maintained by foreign companies, particularly those based in China.”

MORE FROM FORBESDo Not Make These Calls On Your iPhone, Warns AppleBy Zak Doffman

This warning links back to China’s infamous national security laws, which the FBI reminds smartphone users enables “the Chinese government to potentially access mobile app users’ data.” In short, the laws mandate developers based in China do all they can to support the country’s national security imperatives — including sharing data. It’s the same mandate that plagued TikTok ahead of its U.S. split.

Advertisement
Advertisement

The FBI says users should be aware “of what user data these apps request access to upon download.” But in reality, these privacy polices are very rarely checked. That’s why so-called permission abuse is such a nightmare for smartphone users. “When access is permitted by the user, the app can persistently collect data and users’ private information throughout the device.”

The data at risk includes contact lists, which could enable those collecting the data in China or elsewhere to build social graphs. In the wrong hands, these are invaluable to nation-state or mercenary hackers, using a hack on one person to socially engineer hacks on one or more higher value targets that they know.

“Some platforms offer the option to invite friends or contacts to use the apps. With default permissions, developer companies can store collected data on users’ private information and address books, such as names, e-mail addresses, user IDs, physical addresses, and phone numbers of their stored contacts.”

The FBI also warns that “some of the apps state that the collected data is stored on servers located in China for as long as the developers deem necessary.” And while there may be settings to stop this data sharing, these are little used. “Some apps do not allow the users to operate the platform unless users consent to data sharing.”

Advertisement
Advertisement

While the focus of this new PSA is the threat to user privacy, the bureau also flags the risk that these foreign-developed apps “may also contain malware that could collect data beyond what is authorized by the user. This could include malicious code and hard-to-remove malware designed to exploit known vulnerabilities in various operating systems and insert a backdoor for escalated privileges.”

MORE FROM FORBESGoogle Issues Android Update—40% Of All Phones Now At RiskBy Zak Doffman

This remains a much greater threat to Android over iPhone users, given the openness of the ecosystem and the prevalence of high-risk sideloading. This is why Google is shutting down this risk — to an extent — with blocks on installs from unknown developers at least, many of which will be based overseas. “Official apps stores scan for malicious content, lowering the risk of malware or malicious code.”

The FBI tells smartphone users to do the following:

Advertisement
Advertisement

  • Disable unnecessary data sharing;
  • Only download apps from official stores;
  • Change and update passwords regularly;
  • Perform regular device software updates; and
  • Read terms of service or end user license agreements before downloading.

This article was originally published on Forbes.com