Mobilebeat is reporting that a rogue Android wallpaper app has been collecting personal data and sending it off to a site in China, as discovered by mobile security firm Lookout as part of their App Genome Project.
Lookout found the dodgy wallpaper application as part of the Genome project, where they logged data from more than 100,000 free Android (as well as iPhone) apps to see how they behave. The project uncovered many apps that require permissions they do not need and that access personal data often. It's worth noting that on Android, when you install an application you are prompted to grant it permissions to perform certain sets of actions, whereas on the iPhone, Apple approves anything, so apps can do anything without notifying you once installed.
Mobilebeat says that the wallpaper application comes from a company called "Jackeey Wallpaper", was in the Android Market, and included "branded wallpaper from My Little Pony and Star Wars." The application allegedly captures your phone number and subscriber identification, as well as your voicemail number, but only if they are stored on your phone. Apparently the data is then sent to a website owned by someone in Shenzhen, China, with the domain name imnet.us. Lookout says that the application has been downloaded up to 4.6 million times, and that other apps like it exist.
Lookout says that there isn't malicious behaviour coming from the application yet, and that a lot of applications access your personal data frequently. The data was unveiled by Kevin Mahaffey, chief technology officer at Lookout, in a talk at the Black Hat conference in Las Vegas yesterday. Mahaffey said that "Even good apps can be modified to turn bad after a lot of people download it," and that "Users absolutely have to pay attention to what they download. And developers have to be responsible about the data that they collect and how they use it."
John Hering, chief executive of Lookout, also said he believes that "both Google and Apple are on top of policing their app stores, particularly when there are known malware problems with apps. But it’s unclear what happens when apps behave as the wallpaper apps do, where it’s not clear why they are doing what they are doing."
Full details of the wallpaper applications are available here, on the Lookout website.