Android malware steals info from one million phone owners

by Graham Cluley on July 29, 2010 | Leave a comment

Filed Under: Android, Apple, Data loss, Google, Malware, Mobile

An app by Jackeey Wallpaper
Updated A developer of Android apps has been accused of using their apps to steal information from more than one million smartphone users.

John Hering and Kevin MaHaffey, of mobile security firm Lookout, told the Black Hat security conference in Las Vegas that they discovered that a wallpaper app developed by Jackeey Wallpaper (who have created over 70 different applications for the Google Android mobile operating system) secretly transmitted affected phones' numbers, subscriber identifiers, and voicemail numbers to a server in Shenzen, China.

Over a million people are believed to have downloaded the app - which Sophos has not yet seen - from the Android Market (Google's equivalent to the Apple iPhone AppStore).

This isn't the first time that the Android smartphone operating system has apparently been targeted by malware, of course.

Android
One of the challenges that owners of smartphones running the Android operating system face is that it is not as closely monitored as Apple's equivalent, and adopts a more relaxed philosophy as to what apps can be published.

Although there's much criticism that Apple has received for the way it controls the iPhone environment, it's clear that the only malware attacks we've seen to date on that platform (such as Duh and the infamous rickrolling Ikee worms) have affected users who have chosen to jailbreak their iPhones and escape the relative safety of the AppStore.

Yes, malware has previously emerged for jailbroken iPhones, but the malicious applications have not made it onto users' devices via Apple's highly guarded AppStore.

It remains to be seen how many users will treat security as a factor when choosing between the rival mobile operating systems.

Update Some media reports suggested incorrectly that voicemail passwords were accessed by the wallpaper app, and it's important to make clear that this is not true.

In fact, Kevin MaHaffey at Lookout has posted up a blog post downplaying the threat and emphasising that "while the data this app is accessing is certainly suspicious coming from a wallpaper app, we want to be clear that there is no evidence of malicious behavior."

Lookout and Google are apparently working together to investigate the apps in question.

Tags: , ,

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title="" rel=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <pre> <q cite=""> <strike> <strong>

About the author

Graham Cluley has worked in the computer security industry for more than 20 years, developing anti-virus software and doing quite a lot of talking about internet threats. He's won awards for his blogging, but is proudest of the text adventure games he wrote when he was still wearing short trousers. You can learn more about those (the games, not the trousers) at grahamcluley.com. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.