ALERT! Malicious Android Wallpaper App Raided Personal Data

cereal killer

Administrator
Staff member
Joined
Oct 29, 2009
Messages
11,254
Reaction score
1,269
Location
Austin, TX
Current Phone Model
Nokia Lumia Icon
Today Phonescoop is reporting :

Mobile security firm Lookout has exposed a wallpaper application available in the Android Market that collects personal information and sends it to a web site in China. The application, developed by Jackeey Wallpaper, snags data from users such as their SIM card number, subscriber information, and voicemail password and sent it to w w w. imnet.us, which is registered to a person living in China.

According to Lookout, the application (which offered branded wallpapers from the likes of My Little Pony and Star Wars), was downloaded between 1.1 million and 4.6 million times. The application was discovered as part of an analysis of how free Android applications access and use personal data. Android device users are reminded to use caution when downloading apps from the Android Market, and to check what systems and information the application wants to access during the installation process. Google has recently added some anti-piracy measures to the Android Market, but it hasn't responded directly to this situation.



Source: PhoneScoop
 

Mojo

Active Member
Joined
Nov 25, 2009
Messages
1,353
Reaction score
0
Location
S.W Missouri
Glad Ive never downloaded that app. Feel for the million + that has
 

Droidfish

Member
Joined
Feb 2, 2010
Messages
859
Reaction score
0
Location
Deep South of NM
I have 2 questions:

1) Did the malicious app show which permissions it had access to, wether on the initial app install or an update?

2) How could Lookout's app(or any virus protection) have caught this?
 

furbearingmammal

Super Moderator
Joined
Jun 16, 2010
Messages
11,081
Reaction score
363
Location
Anywhere you're not
Website
swdouglas.blogspot.com
Current Phone Model
32GB Moto X Developers Edition
Twitter
furryvarmint
Unfortunately, this is why Google needs to put a bit more control over the apps in the market. "Free" and "open" do not mean "laissez faire".

I hope Google and the phone companies are on top of this and can plug this security hole ASAP -- aka, working with and walking through the password fixes and everything else they're going to need after this breach.
 

baaldemon

Member
Joined
Apr 16, 2010
Messages
48
Reaction score
0
Yes it alerted people what data it was going to have access to. If you see a wallpaper app asking for access to personal data and the likes you have to be a moron to install it.

Sent from my Droid using Tapatalk
 

Backnblack

Premium Member
Premium Member
Joined
Nov 18, 2009
Messages
11,104
Reaction score
28
Current Phone Model
iPhone 7+ 256gb
Yes it alerted people what data it was going to have access to. If you see a wallpaper app asking for access to personal data and the likes you have to be a moron to install it.

+1 on that..Then people complain about it.
 

Shadez

Super Mod/News Team
Staff member
Premium Member
Joined
Jan 27, 2010
Messages
8,375
Reaction score
210
Location
Lafayette Hill, Pa
Website
www.droidforums.net
Current Phone Model
HTC One M8
Twitter
@Shadez69
Researchers: Android Wallpaper App Shows “No Evidence Of Malicious Behavior”
by Jason Kincaid on Jul 29, 2010

an1.png


Yesterday, mobile security firm Lookout announced at the Black Hat security conference that it had discovered a seemingly benign wallpaper application for Android that had been downloaded millions of times — and allegedly harvested user data like text messages and browsing history, which was being sent to servers in China. At least, that’s what was reported . Turns out, it looks like the press jumped the gun on reporting this as a major security issue, and the company has posted a clarification to its blog.

According to the post, while there is something suspicious going on here, the data these applications are accessing is not nearly as sensitive as some of the initial reports would have you believe (it isn’t grabbing your text messages and browsing history).

The apps are apparently sending some potentially sensitive data like your subscriber identifier, but even then, the Lookout team says that there is no concrete evidence of malicious behavior:
The data included the device’s phone number, subscriber identifier (e.g. IMSI), and the currently entered voicemail number on the phone (see below for technical details). While this sort of data collection from a wallpaper application is certainly suspicious, there’s no evidence of malicious behavior. There have been cases in the past on other mobile platforms where well-intentioned developers are simply over-zealous in their data gathering, without having malicious intent.
For its part, Google says that it has “suspended this application while we investigate further”.

http://techcrunch.com/2010/07/29/android-wallpaper-hack/
 

its.mike

Member
Joined
Jan 24, 2010
Messages
100
Reaction score
0
Location
N.E. Ohio
Would be too much for you to update this with correct information?
[quote="AndroidCentral]Update: Lookout got back to us during the overnight to clarify a few things as reported in the Mobile Beat story. They're not going quite so far as to call the app "malicious," but questions remain. Read Lookout's e-mail to us after the break. We've e-mailed the apps' developer for further explanation.
Hi Jerry,

I wanted to reach out to you regarding the wallpaper app we recently discussed at Blackhat to clarify a few things.

Specifically, the wallpaper applications we analyzed proved to send several pieces of sensitive data to a server, including a device's phone number, subscriber identifier, and currently programmed voicemail number. The applications we analyzed did not access a device's SMS messages, browsing history, or voicemail password (unless a user manually programmed the voicemail number on the device to include the voicemail password).

Also, it's important to note that the applications were estimated by androidlib to have between 1 and 4 million downloads (not necessarily the same thing as 1-4 million users).

Finally, while the data the wallpaper apps are accessing are certainly suspicious coming from wallpaper apps, we're not saying that these applications are malicious. There have been cases in the past where applications are simply a little overzealous in their data gathering practices, but not because of any ill intent.

I'm happy to answer any more questions you have.

Thanks,
Kevin

Kevin Mahaffey
Founder, CTO

Lookout, Inc.

[/quote]
 

Shadez

Super Mod/News Team
Staff member
Premium Member
Joined
Jan 27, 2010
Messages
8,375
Reaction score
210
Location
Lafayette Hill, Pa
Website
www.droidforums.net
Current Phone Model
HTC One M8
Twitter
@Shadez69
Today Phonescoop is reporting :

Mobile security firm Lookout has exposed a wallpaper application available in the Android Market that collects personal information and sends it to a web site in China. The application, developed by Jackeey Wallpaper, snags data from users such as their SIM card number, subscriber information, and voicemail password and sent it to w w w. imnet.us, which is registered to a person living in China.

According to Lookout, the application (which offered branded wallpapers from the likes of My Little Pony and Star Wars), was downloaded between 1.1 million and 4.6 million times. The application was discovered as part of an analysis of how free Android applications access and use personal data. Android device users are reminded to use caution when downloading apps from the Android Market, and to check what systems and information the application wants to access during the installation process. Google has recently added some anti-piracy measures to the Android Market, but it hasn't responded directly to this situation.



Source: PhoneScoop

A bit late to the show it has even been discussed by me and others and blown off by the rest on here before now.

http://www.droidforums.net/forum/dr...er-app-exploit-stole-info-millions-users.html

I got caught by this wallpaper scam. I normally dont install any apps that ask for that kind of permission but due to review on an adroid site when I first got my phone and wanted wall papers I installed it. I do not remember all those permissions being listed on the first install, maybe they were or added during subsequent updates.
This whole deal makes me reiterate my wish that google would do just a bit more with it's terrible market.
I read and check everything I install but this one got by me. Now I have to wait and see like everyone else just what kinds of malicious crap will come of this.

You didn't get blown off.. I have a thread about this http://www.droidforums.net/forum/dr...er-app-exploit-stole-info-millions-users.html but it just comes down to whos viewing the forum when the threads are posted.. which is same one you posted now that I looked lol.. anyways, doesnt matter as long as people see it..
 

onmyway

Member
Joined
May 13, 2010
Messages
195
Reaction score
0
Location
One of those places where we have a lot of sweet t
Current Phone Model
G N 4
Thank you Mike at Verizon for making me install LOOKOUT a month ago.:)

And again, this is why I HATE TO TELL what applications I have......why would you need voicemail passwords and sheesh how many are duplicated elsewhere? I hate bad guys they totally take my breath away and make my nose flare with fury.
 
Top