Researchers find 80 different Android wallpaper apps skimming sensitive data
While the superstar of the Black Hat USA 2010 security conference in Las Vegas this week was Barnaby Jack from IOActive showing off techniques for "Jackpotting" Windows CE-based ATMs, research from security company Lookout has had a much broader impact on consumers, especially those using Android smartphones.
Lookout's "App Genome Project" is an ongoing study of the millions of mobile applications available, the user data that they collect, and the threats they present. During their research for the project, the team found a series of simple wallpaper apps in the Android Market that were suspiciously collecting more data than they needed.
"The wallpaper applications that we analyzed transmitted several pieces of sensitive data to a server over an unencrypted network connection. The data included the device's phone number, subscriber identifier (e.g. IMSI), and the currently entered voicemail number on the phone," Lookout CTO Kevin Mahaffey said today. "While this sort of data collection from a wallpaper application is certainly suspicious, there's no evidence of malicious behavior. There have been cases in the past on other mobile platforms where well-intentioned developers are simply over-zealous in their data gathering, without having malicious intent."
The group found more than 80 wallpaper apps that did this, and they all traced back to two developers, "Jackeey" and "wallpaper," both of whom have since changed their names. The various apps are estimated to have been downloaded between one and four million times.
There's a good chance you have downloaded one if you're an Android user.
"While the data this app is accessing is certainly suspicious coming from a wallpaper app, we want to be clear that there is no evidence of malicious behavior," Mahaffey said today. He also said that Google is aware of the situation and is currently investigating the suspicious apps.