Home / Android / Malware in the Android Market? SHOCKING!

Malware in the Android Market? SHOCKING!

Posted by Zealot on Jul 29, 2010

closeThis post was published 1 year 9 months 26 days ago which may make its actuality or expire date not be valid anymore. This site is not responsible for any misunderstanding.

anonymous-android-300x264 The Android Market doesn’t need to be cleaned up just to put things in some kind of logical order so it is easier to search for an application or to get rid of the several dozen applications that do the exact same nothing. No, it needs to be cleaned up because it has become downright unsafe in there.

A mobile security firm called Lookout just released a report at the Black Hat security conference in Vegas (where else?) that says that they discovered a malware program that is sending the private information of several million Android users to a mysterious location in China…all in return for some My Little Pony wallpaper.

I mean it, you can’t make this stuff up…

Here is what MobileBeat has to say about it…

The app in question came from Jackeey Wallpaper, and it was uploaded to the Android Market, where users can download it and use it to decorate their phones that run the Google Android operating system. It includes branded wallpapers from My Little Pony and Star Wars, to name just a couple.

It collects your browsing history, text messages, your phone’s SIM card number, subscriber identification, and even your voicemail password. It sends the data to a web site, www.imnet.us. That site is evidently owned by someone in Shenzhen, China. The app has been downloaded anywhere from 1.1 million to 4.6 million times. The exact number isn’t known because the Android Market doesn’t offer precise data. The search through the data showed that Jackeey Wallpaper and another developer known as iceskysl@1sters! (which could possibly be the same developer, as they use similar code) were collecting personal data. The wallpaper app asks for “phone info,” but that isn’t necessarily a clear warning.

An isolated problem? Sadly…no…later in the article Lookout drops this little bomb:

Roughly 47 percent of Android apps access some kind of third-party code, while 23 percent of iPhone apps do. The executives also found that many apps use third-party software programs to do things such as feed ads into an app. Often, developers unquestioningly use the software development kits of those third parties in their apps, even if they don’t know what they do.

So Apple is safer? Theoretically…with Apple the problem is that due to the fact that all the applications there are approved by Apple in advance, they don’t tell you if they will be accessing your personal information. If they are in the App Store, you have to trust them. With Android, there is no approval process really, but you are informed when you install an application what it will need to access. As for what it DOES with that information, well…who knows. Of course, since most people have been taught the “Just keep clicking OK” school of application management, being forewarned is…still pretty useless.

Tagged with ,

Zealot (839 Posts) - Website | Twitter | Facebook


By day a department manager and writer for a major network device vendor...by night Zealot stalks the mean magnetic streets, striking fear into the hearts of bandwidth abusers and theme park mascots. Zealot has been involved with mobile devices for more than a decade now, starting off with dumb phones, moving to PDAs and then to smartphones, notebooks and netbooks with the odd PMP thrown in. Most of his mobile time currently is spent on a Treo Pro, Zune HD, Thinkpad T61, HP Mini 311, iPod Touch 3G, iPad 16G or a Hackintoshed Compaq Mini 704. He proudly groks the Geek community and considers himself a Neo Maxi Zune Dweebie (thanks Wil Wheaton!).

SHARE THIS POST:

RELATED POSTS:
  • I got the G1, First Impressions
  • Android tethering removed from Market place
  • FUD and Counter-FUD in the Android Market
  • Android Market Hits 100,000…or Thereabouts
  • Google Chrome OS

    • ADVERTISEMENT

    • http://www.productiveorganizer.com Kyith

      this goes to show that being open is not always good. here apple adds more value to their network via their App Store concept then Google.

      http://www.productiveorganizer.com/android-prod...

    • http://twitter.com/mobilitysite/status/19817491835 mobilitysite

      Posted: Malware in the Android Market? SHOCKING! http://bit.ly/dBQCCl

    • http://www.productiveorganizer.com Kyith

      this goes to show that being open is not always good. here apple adds more value to their network via their App Store concept then Google.

      http://www.productiveorganizer.com/android-prod...

    • http://www.svpocketpc.com Pony99CA

      I don't know that Z said that. It depends on how well Apple tests the programs. If they just verify that the program functions as described and doesn't crash, you could still slip a Trojan Horse in. They'd have to monitor for undocumented side effects to catch something like this.

      Steve

    • http://www.productiveorganizer.com Kyith

      agree there but i think they at least don't allow third party apis which is a big plus

    • TOCA

      Glad I'm still on WinMob 6.1, no malware here :)

      It was bound to happen, in the WinMob circles, where I go, we have sort of just been waiting for the first malware to hit the scene, and so has the Anti malware producers. But I'm still not scared to death, so far all that those code geniuses have found is that some apps are gathering some info, but they are still not quite sure why and for what, or if it's even for doing some thing bad, except for target advertising.
      I still recall a few years back when Panda sold their soul to the Devil and cryed wolf over some unknown Chinese site which suposedly had made some sort of malware for WinMob, only problem was that no one was able to find the site or the program, only evidence was a screen dump publised by Panda, who had tryed to sell antivirus for palmtops since the Newton era. This story has (so far) all the same ingrediences that the Panda story had except seemingly originating from a non commercial anti malware selling source?

    • http://www.mobilitysite.com/2010/08/fud-and-counter-fud-in-the-android-market/ FUD and Counter-FUD in the Android Market | Mobility Site

      [...] recent story (reported on Mobilitysite HERE) about a wallpaper app in the Android store found to be sending user data off to China by a [...]

    • http://twitter.com/innerfamilylife/status/20244390221 innerfamilylife

      'Malware in the Android Market? SHOCKING!' http://viigo.im/4pQm

    • Mikey

      For me, today, the BBC has finally vindicated the jackie and cleared his name, and branded all the allegations against the wallpaper app developer and app, as BS. Google itself has also cleared jackie.

      A respected Anglo Saxon broadcaster, the British Broadcasting Corporation (BBC), produces a programme called Digital Planet, where the commentator Jeremy Wagstaff has said his piece on this sorry affair. You can read the transcript on Mr. Wagstaff's blog: http://www.loosewireblog.com/2010/07/phantom-mo...

      In essence, my summary of Mr. Wagstaff's assertion is that – though we may find it easy to believe that some foreigner in a far away land may be screwing you, sometimes the threat is closer to home – then he cites Lookout, who issued the misleading initial blog piece which destroyed the poor little chinese developer's reputation and work, as an organization fraught with conflict of interest.

      Here's that gem in Jeremy's own words: ” We seem very quick to attribute suspicious behavior to someone we don’t know much about, in some scary far-off place, but less to those we do closer to home: Lookout’s main business, after all, is prominently displayed on their homepage: an application to, in its words, “protect yourself from mobile viruses and malware. Stop hackers in their tracks.”

      Conflict of interest, anyone?”

      That sorta puts closure to this affair, but only to those who read. Those who feel that the poor developer should be further vindicated, please spread Mr. Wagstaff's words far and wide.

      And just hope that the bloggers who did not at all apologise, did not modify their blogposts which killed the poor chinese dev's reputation and work and earnings, and bloggers who (worse) apologised flippantly and contemptuously, finally try to do something to right the intense wrong they wrought.

    • http://www.svpocketpc.com Pony99CA

      Oh, Mikey, you really need to give it a rest.

      First, all Wagstaff did was talk to the developer and look at some screenshots. He did not investigate what the application really did, like Lookout did. He even admits that the developer could be (gasp!) lying to him.

      Second, the developer still sounds shady. He admitted to using two different IDs to create applications under. Why does he need to do that?

      Third, this has nothing to do with “some scary far-off place”; it has to do with the behavior of the application. Why can't you get that?

      Fourth, you follow along with Wagstaff claiming that Lookout has a “conflict of Interest”, but did you talk to them before spouting off? If not, you're doing exactly what you're criticizing others for. Pot, meet Kettle.

      Fifth, just because somebody might have a conflict of interest does not mean that they're wrong. Many so-called “security researchers” work for companies that sell security solutions. So does that mean that you should never believe them?

      Maybe on Mikey World people can't separate the truth from their profit motivation, but I think people here on Earth can (not that they always do, mind you).

      Steve

    • http://www.svpocketpc.com Pony99CA

      Oh, Mikey, you really need to give it a rest.

      First, all Wagstaff did was talk to the developer and look at some screenshots. He did not investigate what the application really did, like Lookout did. He even admits that the developer could be (gasp!) lying to him. (Of course, we know that “poor developer” would never actually do that, right?)

      Second, the developer still sounds shady. He admitted to using two different IDs to create applications under. Why does he need to do that?

      Third, this has nothing to do with “some scary far-off place”; it has to do with the behavior of the application. Why can't you get that?

      Fourth, you follow along with Wagstaff claiming that Lookout has a “conflict of Interest”, but did you talk to them before spouting off? If not, you're doing exactly what you're criticizing others for. Pot, meet Kettle.

      Fifth, just because somebody might have a conflict of interest does not mean that they're wrong. Many so-called “security researchers” work for companies that sell security solutions. So does that mean that you should never believe them?

      Maybe on Mikey World people can't separate the truth from their profit motivation, but I think people here on Earth can (not that they always do, mind you).

      Steve

    Subscription

    You can subscribe by e-mail to receive news updates and breaking stories.

    Comments

    In the Forums

      Tags

      Links

      Blogroll

      Polls

      Would you use Bing on an iPhone?

      View Results

      Loading ... Loading ...

      About Mobilitysite

      Mobilitysite.com is a site covering Mobility News, Reviews, and Discussion. Our coverage focuses on Smartphones and PDAs, but extends on past that as well. Tablet PC, UMPC, and Personal Media Players like the Zune and iPod are covered as well. To learn more about Mobilitysite, read here. Also take time to register in our forums too. There is a wealth of information to be found inside. Mobilitysite has 168181 RSS Subscribers.

      Links

      YouTube Twitter RSS Feed