Android Spyware: Millions Downloaded Thievish Wallpaper App (Updated)
This post is part of our ReadWriteEnterprise channel, which is a resource and guide for IT managers and technologists in the Enterprise. The channel is sponsored by Intel. As you're exploring solutions for your enterprise, check out this helpful resource from our sponsors: All New 2010 Intel Core vPro Processors and Microsoft Office 2010: Your Best Choice for Business PCs
Update 2: Please see our follow-up - the developer of the app in question has denied malicious intent. Mobile security firm Lookout announced today at the Black Hat security conference that millions of Android users had downloaded a wallpaper app that sends user information to a unknown site in China, reported VentureBeat. Concerns about app access to private information were raised last month, but this may be the first instance of Android malware in the wild. Android's enterprise-readiness has been controversial in analyst circles. Update: Lookout contacted us with the following clarification:
The app does not actually steal users SIM card numbers or voicemail passwords. Instead, the app transmits the device's phone number, subscriber identifier (e.g. IMSI), and the currently entered voicemail number on the phone. This is an important distinction for Lookout, because they did not technically find that the app was doing anything malicious. It is certainly suspicious, but it is important to clear up that they did not actually steal info like voicemail passwords.
The app, Jackeey Wallpaper, transmits a users' SIM card number, subscriber identification, and, if it's been programmed into the phone, voicemail password to www.imnet.us, a web site owned by someone in Shenzhen, China. It had been reported that the app also collected browsing history and text messages, but Lookout has clarified that this is not correct.
The app asks permission to access users phone calls, but does not disclose that the information would be sent to a third-party. Lookout found the app as part of its App Genome Project, an ambitious project to track the behavior of 300,000 applications.
Lookout may also be announcing other Android security risks at the conference.
Another mobile security company, Smobile Systems warned against this very scenario last month in a report titled Threat Analysis in the Android Market.
Analysts have been split over the enterprise-readiness of Android 2.2. Jack Gold, of J. Gold Associates, has argued that the lack of support for enterprises to manage what apps users install on their Android handsets should be one of many deal-breakers for Android adoption in the enterprise. This would seem to validate his claims.
Perhaps in response to the Smobile report, Google released a kill switch function to remotely delete malicious applications. The company hasn't announced whether Jackeey Wallpaper has been scheduled for termination.
Share
Facebook
Sponsored by
-
5 Plugins for Outlook Users with Gmail Envy
September 2, 2010 / 15 Comments -
Java - It's not Dead, Folks - It's Doing Just Fine
September 3, 2010 / 14 Comments -
3 Trends in Idea Management
September 1, 2010 / 19 Comments -
Is the Relational Database Doomed?
February 12, 2009 / 156 Comments -
Readers on the Workplace of the Future: Telecommuting, Swarming and "the FunPlace"
September 3, 2010 / 8 Comments
-
Remote Work: Pitfalls and How to Avoid them
September 6, 2010 / 11 Comments -
Enterprise Mobility Heats Up as Salesforce.com Announces Chatter Mobile
September 8, 2010 / 3 Comments -
Migrating to Windows 7? Virtualization Can Make it a Bit Easier
December 28, 2009 / 29 Comments -
"Smart Phone" is a Misnomer: It's a Computer, not a Phone
January 7, 2010 / 25 Comments -
IBM CEO Dismisses Idea of Google Dominance
December 28, 2009 / 46 Comments
Comments
Subscribe to comments for this post OR Subscribe to comments for all ReadWriteEnterprise posts
This makes Apple's control issues over iPhone apps seem a little less evil. (I think I'll keep my BlackBerry a little longer, thanks.)
Something similar could happen on a BlackBerry or on an iPhone. BlackBerry users, unless prohibited by a BES policy, can install any app they want, whether it comes from the BB store or not. And some of those apps access various types of data on the phone.
And while Apple vets everything that comes through the App Store, it's not perfect - mistakes can happen.
Citi group had a flaw in its iPhone app, for example: http://online.wsj.com/article/NA_WSJ_PUB:SB10001424052748703700904575391273536355324.html
That's not the same thing as malware, but it does mean insecure software can get by Apple.
People should be more aware of the installation warning screen for installing Apps. Even if this report turns out to be nothing, still good to scan every once in a while.