An innocent looking Android wallpaper application has been quietly stealing user’s personal information, and may have been downloaded millions of times. The app which actually allows users to change the wallpaper has been taking the phone’s number, every single text message, email and password, and sending it to a website based in Shenzhen, China.
Mike Luttrell of TGDaily is reporting that the findings were presented at the Black Hat security conference in Las Vegas by mobile security firm Lookout. Android users should be concerned if they downloaded the malicious app from “Jackeey Wallpaper.”
Android app developers have a lot more freedom in what they put on the Android Market compared to the Apple way of doing things.
Before they download the app users are made aware of the kind of information the application has access to. Unfortunately it is too easy for users to bypass these types of warnings when downloading items to their devices. According to Lookout between 1.1 million and 4.6 million Android users have downloaded the app.
Also See: Nexus 6 safe from new Android flaw