Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.
ForumsAndroidMalicious wallpaper app collecting data!


178 posts

Master Geek


Topic # 65113 29-Jul-2010 19:38
Send private message

A content research programme conducted by security firm Lookout has identified a malicious app that has been downloaded by millions from the app market. It's a wallpaper app developed by Jackeey Wallpaper. It's allegedly collecting data such as SIM card numbers, text messages, subscriber identification, and voicemail passwords which it then sends to www.imnet.us from Shenzen, China. Google have been notified.

Cheeky buggers!

Create new topic
446 posts

Ultimate Geek
+1 received by user: 47


  Reply # 358758 29-Jul-2010 20:08
Send private message

Care to share what the app was so people can avoid it?



178 posts

Master Geek


  Reply # 358800 29-Jul-2010 20:41
Send private message

joff_nz: Care to share what the app was so people can avoid it?


I would avoid all wallpaper apps from developer Jackeey Wallpaper. They have a hell of a lot of wallpaper apps. http://www.androidzoom.com/android_developer/jackeeywallpaper_bofz.html

If you have any wallpaper apps just check that they are not from this developer.

446 posts

Ultimate Geek
+1 received by user: 47


  Reply # 358807 29-Jul-2010 20:45
Send private message

Thanks :) i will check all of our phones and spread teh word.

245 posts

Master Geek


  Reply # 358864 29-Jul-2010 21:18
Send private message

Wouldn't it have come up in that warning when you install a app from the market? or is it up to the developer to disclose that information?

1044 posts

Uber Geek

Trusted

  Reply # 359384 30-Jul-2010 08:51
Send private message

Ambrose_1: Wouldn't it have come up in that warning when you install a app from the market? or is it up to the developer to disclose that information?


Yes, the app apparently asks for permissions. Seems like most people just hit OK without really reading stuff though. On that basis, there'll never be a secure smartphone.

It turns out that the severity of the data theft was exaggerated in the original report and the security company has back-pedalled on its original claims. Not that I'd download the app given the dev's choosing to build in functions that a wallpaper switcher doesn't need in any shape or form.

I'd stay clear of anything from Jackyee regardless. Obviously not a trustworthy source. 




Galaxy S has gone to its new owner. HTC Sensation has gone to its new
owner. Galaxy S3 has gone to its new owner. Now using Galaxy Note 3. Skipping Note 4 I think...

BDFL - Memuneh
61323 posts

Uber Geek
+1 received by user: 12065

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 360557 31-Jul-2010 10:24
Send private message

The folks at this security company should leave the security business... They issued a "revised statement"

"While the data this app is accessing is certainly suspicious coming from a wallpaper app, we want to be clear that there is no evidence of malicious behavior. There have been cases in the past where applications are simply a little overzealous in their data gathering practices, but not because of any ill intent."

Idiots, probably just trying to promote their own "security" software/services later as "Android specialists". Now just idiots.

http://www.androidtapp.com/android-wallpaper-apps-falsely-accused-of-spyware-and-stealing-sensitive-.../




Backblaze cloud backup (personal and business) | Geekzone broadband switch | Amazon (Geekzone aff) | MightyApe (Geekzone aff)

 

My technology disclosure  | Business Transformation | Enterprise Content Management | Customer Relationship Management

 

 

5225 posts

Uber Geek
+1 received by user: 1120

Trusted
Subscriber

  Reply # 361331 2-Aug-2010 08:30
Send private message

freitasm: The folks at this security company should leave the security business... They issued a "revised statement"

"While the data this app is accessing is certainly suspicious coming from a wallpaper app, we want to be clear that there is no evidence of malicious behavior. There have been cases in the past where applications are simply a little overzealous in their data gathering practices, but not because of any ill intent."

Idiots, probably just trying to promote their own "security" software/services later as "Android specialists". Now just idiots.

http://www.androidtapp.com/android-wallpaper-apps-falsely-accused-of-spyware-and-stealing-sensitive-.../


Thanks, M.

Looks like pure FUD operating. Maybe Lookout got a big cheque from someone....and the story certainly got a lot of play without anyone apparently checking the facts.

Yet another example of conventional journalism (WSJ, etc..) being made to look silly by bloggers and subject specialists.




____________________________________________________
I'm on a high fibre diet. 

 

High fibre diet

325 posts

Ultimate Geek
+1 received by user: 7


  Reply # 361356 2-Aug-2010 09:25
Send private message

To be clear the app did not ask for or have the ability to read SMS messages or browser history, that was a mistake in the original report by Venturebeat. Examples of the app permissions that would be asked for to allow that are here. An update with more technical details from Lookout is here.

Create new topic

Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.