ALERT! Malicious Android Wallpaper App Raided Personal Data

Discussion in 'Android News' started by cereal killer, Jul 29, 2010.

  1. cereal killer

    cereal killer DF Administrator Staff Member

    Today Phonescoop is reporting:

    Mobile security firm Lookout has exposed a wallpaper application available in the Android Market that collects personal information and sends it to a web site in China. The application, developed by Jackeey Wallpaper, snags data from users such as their SIM card number, subscriber information, and voicemail password and sends it to w w w. imnet.us, which is registered to a person living in China.

    According to Lookout, the application (which offered branded wallpapers from the likes of My Little Pony and Star Wars), was downloaded between 1.1 million and 4.6 million times. The application was discovered as part of an analysis of how free Android applications access and use personal data. Android device users are reminded to use caution when downloading apps from the Android Market, and to check what systems and information the application wants to access during the installation process. Google has recently added some anti-piracy measures to the Android Market, but it hasn't responded directly to this situation.



    Source: PhoneScoop
     
  2. Mojo

    Mojo Active Member

    Glad I've never downloaded that app. Feel for the million+ that have.
     
  3. HeroNova

    HeroNova Member

    I guess it's worth downloading Lookout then? I feel bad for all those that got duped because of that wallpaper app.
     
  4. Droidfish

    Droidfish Member

    I have 2 questions:

    1) Did the malicious app show which permissions it had access to, whether on the initial app install or an update?

    2) How could Lookout's app (or any virus protection) have caught this?
     
  5. furbearingmammal

    furbearingmammal DF Super Moderator Staff Member

    Unfortunately, this is why Google needs to put a bit more control over the apps in the market. "Free" and "open" do not mean "laissez faire".

    I hope Google and the phone companies are on top of this and can plug this security hole ASAP -- aka, working with and walking through the password fixes and everything else they're going to need after this breach.
     
  6. baaldemon

    baaldemon Member

    Yes, it alerted people what data it was going to have access to. If you see a wallpaper app asking for access to personal data and the like, you have to be a moron to install it.

    Sent from my Droid using Tapatalk
     
  7. Backnblack

    Backnblack Premium Member Premium Member

    +1 on that..Then people complain about it.
     
  8. Shadez

    Shadez Super Mod/News Team Staff Member Premium Member

    Researchers: Android Wallpaper App Shows “No Evidence Of Malicious Behavior”
    by Jason Kincaid on Jul 29, 2010


    Yesterday, mobile security firm Lookout announced at the Black Hat security conference that it had discovered a seemingly benign wallpaper application for Android that had been downloaded millions of times — and allegedly harvested user data like text messages and browsing history, which was being sent to servers in China. At least, that’s what was reported. Turns out, it looks like the press jumped the gun on reporting this as a major security issue, and the company has posted a clarification to its blog.

    According to the post, while there is something suspicious going on here, the data these applications are accessing is not nearly as sensitive as some of the initial reports would have you believe (it isn’t grabbing your text messages and browsing history).

    The apps are apparently sending some potentially sensitive data like your subscriber identifier, but even then, the Lookout team says that there is no concrete evidence of malicious behavior:
    The data included the device’s phone number, subscriber identifier (e.g. IMSI), and the currently entered voicemail number on the phone (see below for technical details). While this sort of data collection from a wallpaper application is certainly suspicious, there’s no evidence of malicious behavior. There have been cases in the past on other mobile platforms where well-intentioned developers are simply over-zealous in their data gathering, without having malicious intent.
    For its part, Google says that it has “suspended this application while we investigate further”.

    http://techcrunch.com/2010/07/29/android-wallpaper-hack/
     
  9. its.mike

    its.mike Member

    Would it be too much for you to update this with correct information?
    [quote="AndroidCentral"]Update: Lookout got back to us during the overnight to clarify a few things as reported in the Mobile Beat story. They're not going quite so far as to call the app "malicious," but questions remain. Read Lookout's e-mail to us after the break. We've e-mailed the apps' developer for further explanation.
    Hi Jerry,

    I wanted to reach out to you regarding the wallpaper app we recently discussed at Blackhat to clarify a few things.

    Specifically, the wallpaper applications we analyzed proved to send several pieces of sensitive data to a server, including a device's phone number, subscriber identifier, and currently programmed voicemail number. The applications we analyzed did not access a device's SMS messages, browsing history, or voicemail password (unless a user manually programmed the voicemail number on the device to include the voicemail password).

    Also, it's important to note that the applications were estimated by androidlib to have between 1 and 4 million downloads (not necessarily the same thing as 1-4 million users).

    Finally, while the data the wallpaper apps are accessing are certainly suspicious coming from wallpaper apps, we're not saying that these applications are malicious. There have been cases in the past where applications are simply a little overzealous in their data gathering practices, but not because of any ill intent.

    I'm happy to answer any more questions you have.

    Thanks,
    Kevin

    Kevin Mahaffey
    Founder, CTO

    Lookout, Inc.

    [/quote]
     
  10. JasonAsWell

    JasonAsWell Member

    Why the reluctance to name the app? Just sayin'.
     
  11. Shadez

    Shadez Super Mod/News Team Staff Member Premium Member

     
  12. Talon8Ya

    Talon8Ya Member

    A bit late to the show; it has even been discussed by me and others and blown off by the rest on here before now.

    http://www.droidforums.net/forum/dr...er-app-exploit-stole-info-millions-users.html

    I got caught by this wallpaper scam. I normally don't install any apps that ask for that kind of permission, but due to a review on an Android site when I first got my phone and wanted wallpapers, I installed it. I do not remember all those permissions being listed on the first install; maybe they were, or were added during subsequent updates.
    This whole deal makes me reiterate my wish that Google would do just a bit more with its terrible market.
    I read and check everything I install but this one got by me. Now I have to wait and see like everyone else just what kinds of malicious crap will come of this.
     
  13. Talon8Ya

    Talon8Ya Member


    The only problem is I do not remember it asking for hardly any permissions when I first installed it. They could have been added in later updates that I did not read too closely.

    I am certainly not a moron though.
     
  14. Shadez

    Shadez Super Mod/News Team Staff Member Premium Member

    You didn't get blown off.. I have a thread about this http://www.droidforums.net/forum/dr...er-app-exploit-stole-info-millions-users.html but it just comes down to who's viewing the forum when the threads are posted.. which is the same one you posted, now that I looked lol.. anyways, doesn't matter as long as people see it..
     
  15. JCo352

    JCo352 Senior Member

    Soooooooo, what is the app's name?
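
The permission questions raised in this thread (what the app asked for at install, and whether a later update added more) can be checked mechanically. The following is an added example, not code from any poster or from Lookout: it diffs the permissions declared by two versions of an app and flags the combination that lets it read phone identifiers and send them off the device. The manifests and the package name `com.example.wallpapers` are constructed, and it assumes the manifest has already been decoded to text XML.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
# READ_PHONE_STATE guards the phone number, IMSI and voicemail number;
# INTERNET is what allows anything to leave the device.
IDENTIFIER_PERMS = {"android.permission.READ_PHONE_STATE"}
NETWORK_PERMS = {"android.permission.INTERNET"}

# Constructed sample manifests for a hypothetical package, not the real app's.
MANIFEST_V1 = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.wallpapers" android:versionCode="1">
  <uses-permission android:name="android.permission.SET_WALLPAPER"/>
  <uses-permission android:name="android.permission.INTERNET"/>
</manifest>"""
MANIFEST_V2 = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.wallpapers" android:versionCode="2">
  <uses-permission android:name="android.permission.SET_WALLPAPER"/>
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.READ_PHONE_STATE"/>
</manifest>"""


def requested_permissions(manifest_xml):
    """Return the permission names declared in a decoded AndroidManifest.xml."""
    root = ET.fromstring(manifest_xml)
    names = (el.get(ANDROID_NS + "name") for el in root.iter("uses-permission"))
    return {n for n in names if n}


def can_send_identifiers(perms):
    """True when the app can both read phone identifiers and reach the network."""
    return bool(perms & IDENTIFIER_PERMS) and bool(perms & NETWORK_PERMS)


def audit_update(old_xml, new_xml):
    """Compare two versions of an app and report permission changes."""
    old, new = requested_permissions(old_xml), requested_permissions(new_xml)
    return {
        "added": sorted(new - old),
        "removed": sorted(old - new),
        "risky_now": can_send_identifiers(new),
        "risk_introduced_by_update": can_send_identifiers(new)
        and not can_send_identifiers(old),
    }


if __name__ == "__main__":
    for key, value in audit_update(MANIFEST_V1, MANIFEST_V2).items():
        print(f"{key}: {value}")
```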
     