Android malware steals info from one million phone owners

An app by Jackeey Wallpaper
Updated A developer of Android apps has been accused of using their apps to steal information from more than one million smartphone users.

John Hering and Kevin MaHaffey, of mobile security firm Lookout, told the Black Hat security conference in Las Vegas that they discovered that a wallpaper app developed by Jackeey Wallpaper (who have created over 70 different applications for the Google Android mobile operating system) secretly transmitted affected phones’ numbers, subscriber identifiers, and voicemail numbers to a server in Shenzen, China.

Over a million people are believed to have downloaded the app – which Sophos has not yet seen – from the Android Market (Google’s equivalent to the Apple iPhone AppStore).

This isn’t the first time that the Android smartphone operating system has apparently been targeted by malware, of course.

Sign up to our free newsletter.
Security news, advice, and tips.

One of the challenges that owners of smartphones running the Android operating system face is that it is not as closely monitored as Apple’s equivalent, and adopts a more relaxed philosophy as to what apps can be published.

Although there’s much criticism that Apple has received for the way it controls the iPhone environment, it’s clear that the only malware attacks we’ve seen to date on that platform (such as Duh and the infamous rickrolling Ikee worms) have affected users who have chosen to jailbreak their iPhones and escape the relative safety of the AppStore.

Yes, malware has previously emerged for jailbroken iPhones, but the malicious applications have not made it onto users’ devices via Apple’s highly guarded AppStore.

It remains to be seen how many users will treat security as a factor when choosing between the rival mobile operating systems.

Update Some media reports suggested incorrectly that voicemail passwords were accessed by the wallpaper app, and it’s important to make clear that this is not true.

In fact, Kevin MaHaffey at Lookout has posted up a blog post downplaying the threat and emphasising that “while the data this app is accessing is certainly suspicious coming from a wallpaper app, we want to be clear that there is no evidence of malicious behavior.”

Lookout and Google are apparently working together to investigate the apps in question.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.