ALERT! Malicious Android Wallpaper App Raided Personal Data

cereal killer

Today Phonescoop is reporting:

Mobile security firm Lookout has exposed a wallpaper application available in the Android Market that collects personal information and sends it to a web site in China. The application, developed by Jackeey Wallpaper, snags data from users such as their SIM card number, subscriber information, and voicemail password and sends it to w w w. imnet.us, which is registered to a person living in China.

According to Lookout, the application (which offered branded wallpapers from the likes of My Little Pony and Star Wars), was downloaded between 1.1 million and 4.6 million times. The application was discovered as part of an analysis of how free Android applications access and use personal data. Android device users are reminded to use caution when downloading apps from the Android Market, and to check what systems and information the application wants to access during the installation process. Google has recently added some anti-piracy measures to the Android Market, but it hasn't responded directly to this situation.



Source: PhoneScoop
 
I have 2 questions:

1) Did the malicious app show which permissions it had access to, whether on the initial app install or an update?

2) How could Lookout's app (or any virus protection) have caught this?
 
Unfortunately, this is why Google needs to put a bit more control over the apps in the market. "Free" and "open" do not mean "laissez faire".

I hope Google and the phone companies are on top of this and can plug this security hole ASAP -- aka, working with and walking through the password fixes and everything else they're going to need after this breach.
 
Yes it alerted people what data it was going to have access to. If you see a wallpaper app asking for access to personal data and the likes you have to be a moron to install it.

Sent from my Droid using Tapatalk
 
Yes it alerted people what data it was going to have access to. If you see a wallpaper app asking for access to personal data and the likes you have to be a moron to install it.

+1 on that..Then people complain about it.
 
Researchers: Android Wallpaper App Shows “No Evidence Of Malicious Behavior”
by Jason Kincaid on Jul 29, 2010

Yesterday, mobile security firm Lookout announced at the Black Hat security conference that it had discovered a seemingly benign wallpaper application for Android that had been downloaded millions of times — and allegedly harvested user data like text messages and browsing history, which was being sent to servers in China. At least, that’s what was reported. Turns out, it looks like the press jumped the gun on reporting this as a major security issue, and the company has posted a clarification to its blog.

According to the post, while there is something suspicious going on here, the data these applications are accessing is not nearly as sensitive as some of the initial reports would have you believe (it isn’t grabbing your text messages and browsing history).

The apps are apparently sending some potentially sensitive data like your subscriber identifier, but even then, the Lookout team says that there is no concrete evidence of malicious behavior:
The data included the device’s phone number, subscriber identifier (e.g. IMSI), and the currently entered voicemail number on the phone (see below for technical details). While this sort of data collection from a wallpaper application is certainly suspicious, there’s no evidence of malicious behavior. There have been cases in the past on other mobile platforms where well-intentioned developers are simply over-zealous in their data gathering, without having malicious intent.
For its part, Google says that it has “suspended this application while we investigate further”.

http://techcrunch.com/2010/07/29/android-wallpaper-hack/
 
Would it be too much for you to update this with correct information?
[quote="AndroidCentral"]Update: Lookout got back to us during the overnight to clarify a few things as reported in the Mobile Beat story. They're not going quite so far as to call the app "malicious," but questions remain. Read Lookout's e-mail to us after the break. We've e-mailed the apps' developer for further explanation.
Hi Jerry,

I wanted to reach out to you regarding the wallpaper app we recently discussed at Blackhat to clarify a few things.

Specifically, the wallpaper applications we analyzed proved to send several pieces of sensitive data to a server, including a device's phone number, subscriber identifier, and currently programmed voicemail number. The applications we analyzed did not access a device's SMS messages, browsing history, or voicemail password (unless a user manually programmed the voicemail number on the device to include the voicemail password).

Also, it's important to note that the applications were estimated by androidlib to have between 1 and 4 million downloads (not necessarily the same thing as 1-4 million users).

Finally, while the data the wallpaper apps are accessing are certainly suspicious coming from wallpaper apps, we're not saying that these applications are malicious. There have been cases in the past where applications are simply a little overzealous in their data gathering practices, but not because of any ill intent.

I'm happy to answer any more questions you have.

Thanks,
Kevin

Kevin Mahaffey
Founder, CTO

Lookout, Inc.

[/quote]
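As an added example (not part of the thread, and not Lookout's or Google's code), here is a permission audit of a decoded AndroidManifest.xml that shows which of the data classes named above an app could reach at all. The sample manifest is constructed, the baseline of what a wallpaper app needs is an assumption, and the permission mapping reflects Android releases of that period.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Data classes named in the thread, mapped to the permission that gated
# them on Android releases of that period.
SENSITIVE = {
    "android.permission.READ_PHONE_STATE":
        "phone number, subscriber ID (IMSI), voicemail number",
    "android.permission.READ_SMS": "SMS messages",
    "com.android.browser.permission.READ_HISTORY_BOOKMARKS": "browsing history",
}
# Assumed baseline for a wallpaper app (an assumption of this example).
EXPECTED = {"android.permission.SET_WALLPAPER", "android.permission.INTERNET"}


def requested_permissions(manifest_xml):
    """Return the set of permission names declared via <uses-permission>."""
    root = ET.fromstring(manifest_xml)
    names = {el.get(ANDROID_NS + "name") for el in root.iter("uses-permission")}
    return names - {None}


def audit(manifest_xml):
    """Report what the app can read and whether it can also send it out."""
    perms = requested_permissions(manifest_xml)
    reachable = {p: SENSITIVE[p] for p in perms if p in SENSITIVE}
    return {
        "unexpected": sorted(perms - EXPECTED),
        "reachable_data": reachable,
        "not_reachable": sorted(d for p, d in SENSITIVE.items() if p not in perms),
        # Sensitive read access plus network access is the pairing to question.
        "can_upload": bool(reachable) and "android.permission.INTERNET" in perms,
    }


# Constructed sample manifest for illustration; not the real app's manifest.
SAMPLE_MANIFEST = """<manifest
    xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.wallpapers">
  <uses-permission android:name="android.permission.SET_WALLPAPER"/>
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.READ_PHONE_STATE"/>
  <application android:label="Example Wallpapers"/>
</manifest>"""

if __name__ == "__main__":
    for key, value in audit(SAMPLE_MANIFEST).items():
        print(key, "->", value)
```

The manifest inside an APK is stored as binary XML and has to be decoded first; manifests taken from untrusted packages are better parsed with a hardened XML parser than with the standard library one used here.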
 
Today Phonescoop is reporting:

Mobile security firm Lookout has exposed a wallpaper application available in the Android Market that collects personal information and sends it to a web site in China. The application, developed by Jackeey Wallpaper, snags data from users such as their SIM card number, subscriber information, and voicemail password and sends it to w w w. imnet.us, which is registered to a person living in China.

According to Lookout, the application (which offered branded wallpapers from the likes of My Little Pony and Star Wars), was downloaded between 1.1 million and 4.6 million times. The application was discovered as part of an analysis of how free Android applications access and use personal data. Android device users are reminded to use caution when downloading apps from the Android Market, and to check what systems and information the application wants to access during the installation process. Google has recently added some anti-piracy measures to the Android Market, but it hasn't responded directly to this situation.



Source: PhoneScoop

A bit late to the show; it has even been discussed by me and others and blown off by the rest on here before now.

http://www.droidforums.net/forum/dr...er-app-exploit-stole-info-millions-users.html

I got caught by this wallpaper scam. I normally don't install any apps that ask for that kind of permission, but due to a review on an Android site when I first got my phone and wanted wallpapers I installed it. I do not remember all those permissions being listed on the first install; maybe they were, or were added during subsequent updates.
This whole deal makes me reiterate my wish that Google would do just a bit more with its terrible market.
I read and check everything I install but this one got by me. Now I have to wait and see like everyone else just what kinds of malicious crap will come of this.

You didn't get blown off.. I have a thread about this http://www.droidforums.net/forum/dr...er-app-exploit-stole-info-millions-users.html but it just comes down to who's viewing the forum when the threads are posted.. which is the same one you posted now that I looked lol.. anyways, doesn't matter as long as people see it..
 
Thank you Mike at Verizon for making me install LOOKOUT a month ago.:)

And again, this is why I HATE TO TELL what applications I have......why would you need voicemail passwords and sheesh how many are duplicated elsewhere? I hate bad guys they totally take my breath away and make my nose flare with fury.
 