Android Wallpaper Suspected of Stealing Personal Info

Mobile security firm Lookout recently reported a possible security glitch in a Google Android mobile wallpaper app. Lookout indicated that the suspicious app, estimated to have been downloaded one to four million times, collects and ships personal information to a "mysterious site in China."

Lookout’s Disclosure

In a statement sent to VentureBeat, Lookout notes that the app “does not capture browsing history and text messages. It collects your phone number, subscriber identification, and even your voicemail password, as long as it is programmed automatically into your phone. It sends the data to a web site, www.imnet.us. That site is evidently owned by someone in Shenzhen, China. The app has been downloaded anywhere from 1.1 million to 4.6 million times.” ”

Lookout disclosed said information during the Blackhat 2010 hackers conference in Las Vegas last Wednesday.

Lookout Chief Executive Officer John Hering and Chief Technology Officer Kevin MaHaffey said: “No smartphone, mobile platform or operating system is immune to the growing security threats in the world of smartphones. That means that apps that seem good but are really stealing your personal information are a big risk at a time when mobile apps are exploding on smartphones."

MaHaffey added that “Even good apps can be modified to turn bad after a lot of people download it. Users absolutely have to pay attention to what they download. And developers have to be responsible about the data that they collect and how they use it.”

Lookout, however clarified that “While the data this app is accessing is certainly suspicious coming from a wallpaper app, we want to be clear that there is no evidence of malicious behavior. There have been cases in the past where applications are simply a little overzealous in their data gathering practices, but not because of any ill intent.”

Hering, in a press conference, added that he believes “both Google and Apple are on top of policing their app stores, particularly when there are known malware problems with apps.”

The “Jackeey Wallpaper”

The suspicious app originated from "Jackeey Wallpaper," which was uploaded to the Android market for the purpose of enabling users to improve and customize their phones running the Google Android operating system.

Jackeey Wallpaper developer Jackeey Wu said in an interview that “If a developer wants to collect text message, he must declare some android permissions first. These permissions will be shown on the Android market security page and Application settings.” He added that he does collect data but only device data, not user data.

Google immediately pulled all the wallpaper apps from both accounts when the negative publicity began pending further investigation.