Updated A developer of Android apps has been accused of using their apps to steal information from more than one million smartphone users.
John Hering and Kevin MaHaffey, of mobile security firm Lookout, told the Black Hat security conference in Las Vegas that they discovered that a wallpaper app developed by Jackeey Wallpaper (who have created over 70 different applications for the Google Android mobile operating system) secretly transmitted affected phones’ numbers, subscriber identifiers, and voicemail numbers to a server in Shenzen, China.
Over a million people are believed to have downloaded the app – which Sophos has not yet seen – from the Android Market (Google’s equivalent to the Apple iPhone AppStore).
This isn’t the first time that the Android smartphone operating system has apparently been targeted by malware, of course.
One of the challenges that owners of smartphones running the Android operating system face is that it is not as closely monitored as Apple’s equivalent, and adopts a more relaxed philosophy as to what apps can be published.
Although there’s much criticism that Apple has received for the way it controls the iPhone environment, it’s clear that the only malware attacks we’ve seen to date on that platform (such as Duh and the infamous rickrolling Ikee worms) have affected users who have chosen to jailbreak their iPhones and escape the relative safety of the AppStore.
Yes, malware has previously emerged for jailbroken iPhones, but the malicious applications have not made it onto users’ devices via Apple’s highly guarded AppStore.
It remains to be seen how many users will treat security as a factor when choosing between the rival mobile operating systems.
Update Some media reports suggested incorrectly that voicemail passwords were accessed by the wallpaper app, and it’s important to make clear that this is not true.
Many of you are probably familiar with the concept of rootkits – malicious software that lurks hidden at a low-level on your Windows or Unix computer, remaining undetected by conventional anti-virus software.
Although new rootkits can be prevented from infecting your computer, if you had any rootkits before you installed your anti-virus, they may never be revealed. This threat really began to capture the headlines a couple of years ago, and as a result security vendors like Sophos provided free anti-rootkit software for Windows users to check and clean-up their systems.
But rootkits aren’t just limited to conventional desktop operating systems.
Earlier this year we saw two scientists from Rutgers University discuss the possibility of smartphone rootkits, and now – according to media reports – security researchers are planning to demonstrate a malicious rootkit for Google’s Android operating system.
Trustwave’s Nicholas J Percoco and Christian Papathanasiou are planning to give alive demonstration at DEF CON next month of the kernel-level Android rootkit they have developed. Percoco and Papathanasiou claim that the rootkit – once activated – could be used to track the location of the mobile phone’s owner, read their private SMS messages, and redirect calls to bogus numbers.
Of course, all of this relies upon malicious hackers having been able to plant the rootkit in the first place on your Android phone.
And that’s quite a challenge for anybody who wants to spy on you.