Android malware steals info from one million phone owners

Filed Under: Android, Apple, Data loss, Google, Malware, Mobile

An app by Jackeey Wallpaper
Updated A developer of Android apps has been accused of using their apps to steal information from more than one million smartphone users.

John Hering and Kevin MaHaffey, of mobile security firm Lookout, told the Black Hat security conference in Las Vegas that they discovered that a wallpaper app developed by Jackeey Wallpaper (who have created over 70 different applications for the Google Android mobile operating system) secretly transmitted affected phones' numbers, subscriber identifiers, and voicemail numbers to a server in Shenzen, China.

Over a million people are believed to have downloaded the app - which Sophos has not yet seen - from the Android Market (Google's equivalent to the Apple iPhone AppStore).

This isn't the first time that the Android smartphone operating system has apparently been targeted by malware, of course.

Android
One of the challenges that owners of smartphones running the Android operating system face is that it is not as closely monitored as Apple's equivalent, and adopts a more relaxed philosophy as to what apps can be published.

Although there's much criticism that Apple has received for the way it controls the iPhone environment, it's clear that the only malware attacks we've seen to date on that platform (such as Duh and the infamous rickrolling Ikee worms) have affected users who have chosen to jailbreak their iPhones and escape the relative safety of the AppStore.

Yes, malware has previously emerged for jailbroken iPhones, but the malicious applications have not made it onto users' devices via Apple's highly guarded AppStore.

It remains to be seen how many users will treat security as a factor when choosing between the rival mobile operating systems.

Update Some media reports suggested incorrectly that voicemail passwords were accessed by the wallpaper app, and it's important to make clear that this is not true.

In fact, Kevin MaHaffey at Lookout has posted up a blog post downplaying the threat and emphasising that "while the data this app is accessing is certainly suspicious coming from a wallpaper app, we want to be clear that there is no evidence of malicious behavior."

Lookout and Google are apparently working together to investigate the apps in question.

, ,

You might like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley is an award-winning security blogger, and veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.