Researchers: Android Wallpaper App Shows “No Evidence Of Malicious Behavior”
Jason Kincaid
Jul 29, 2010

Yesterday, mobile security firm Lookout announced at the Black Hat security conference that it had discovered a seemingly benign wallpaper application for Android that had been downloaded millions of times — and allegedly harvested user data like text messages and browsing history, which was being sent to servers in China. At least, that’s what was reported. Turns out, it looks like the press jumped the gun on reporting this as a major security issue, and the company has posted a clarification to its blog.

According to the post, while there is something suspicious going on here, the data these applications are accessing is not nearly as sensitive as some of the initial reports would have you believe (it isn’t grabbing your text messages and browsing history). The apps are apparently sending some potentially sensitive data like your subscriber identifier, but even then, the Lookout team says that there is no concrete evidence of malicious behavior:

The data included the device’s phone number, subscriber identifier (e.g. IMSI), and the currently entered voicemail number on the phone (see below for technical details). While this sort of data collection from a wallpaper application is certainly suspicious, there’s no evidence of malicious behavior. There have been cases in the past on other mobile platforms where well-intentioned developers are simply over-zealous in their data gathering, without having malicious intent.

For its part, Google says that it has “suspended this application while we investigate further”.

CrunchBase Information
Android
Information provided by CrunchBase
Advertisement
  • Related Topics
Advertisement
  • Jim

    So what was the application name already?

  • Mike

    From the Lookout blog:

    “The wallpaper apps that we analyzed came from two developers “jackeey,wallpaper” (whose developer name has changed to “callmejack” since we originally released our research) and “IceskYsl@1sters!”. According to androlib, applications from “jackeey,wallpaper” are estimated to have been download 1-4 million times.”

  • Christian

    To clarify: There is no single “application name”. There were dozens of different wallpaper apps by that developer in the market, all of which (very probably) exhibit this behaviour. (I only tested one at random.) For now, Google pulled all of them.

  • http://bit.ly/9SpIxI james29

    i agree with Christian
    http://bit.ly/9SpIxI

  • http://newleaders.com Kevin Milden

    Three cheers for Lookout!

  • Droidfan

    This headline takes the quote entirely out of context and is a disservice to readers. A more accurate headline would be:

    Researchers: Android Wallpaper App “certainly suspicious”

  • Jakol

    Google pulled all of them? Guess Google don’t like competition.

  • sv

    Go back to sucking Steve Job’s balls.

  • monsterofNone

    wow you guys really have a scoop on your hands. i hadn’t read that any where else all day… except daring fireball, pcworld, engadget. but y’know, a scoop is a scoop.

  • monsterofNone

    absolutely.

  • sv

    Its “not malicious” until I suddenly get tons of SMS spam for Chinese viagra.

  • Darren

    Why would people use a Wallpaper app that asked permission to access their phone calls?

  • androidfan0971

    totally agree. now techcrunch is blowing it out of proportion the other way. change the title.

  • skitz

    LMAO indeed

  • Angel

    Wait, so Google removed a bunch of apps that actually weren’t malicious? How DRACONIAN.

  • darktanone

    Blown out of proportion, huh? Hmmm…Seems I heard the same said about Antennagate, but they just kept piling it on. Now the shoe’s on the other foot, huh? Karma baby! Clearly a wallpaper app should not be collecting data and sending it to China. Whether the intent is malicious or not, that alone is need for concern. This issue is way more serious than an antenna reception problem, and deserves to be looked at very closely by every news organization and blog.

  • Sig

    The fact that the program is harvesting phone numbers is enough to raise serious privacy concerns – but let’s downplay this by all means.

  • http://www.wistex.com Scott M. Stolz

    Harvesting data like phone numbers and their voicemail numbers. Hmmm. You could then figure out what mobile phone company people use, and build an app that allows users to make calls go directly to voicemail, kinda like one app that came out recently. I’m not saying they are related, but how else is an app suposed to know what a phone number’s direct to voicemail number is?

  • WillisR

    hehe @ Google. Now they are realizing why Apple controls and the apps submitted to the app store. I knew Google was evil but didn’t know how stupid they were.

  • WillisR

    No worries, Google will copy Apple’s app store analyzing process of apps and in about a month the Android app store will be a copy of Apple’s App Store and in 2 months from now Google FaGboys will say “Oh Apple copied Google”. Silly fagboys.

  • someone

    You think that your iPhone apps don’t collect you phone number? Suckers.

  • really

    Techcrunch is paid by Google. What a phoney blog.

    Techcrunch = Phoney Blog

    FAKECRUNCH LOL

  • frthstreet

    Why again should a wallpaper app have your voicemail number? I understand if it’s for a voicemail service but not a wallpaper app that should just sit there.

  • ac
  • Hamranhansenhansen

    Because the vast majority of users will click “OK” to pretty much anything an app asks them.

  • Hamranhansenhansen

    There’s no API in iOS for getting the phone number of the device you’re running on.

    There is also an incentive to make good apps (get your app deployed and collect easy money) and a disincentive to make bad apps (get your app rejected and/or your developer certificate revoked which cuts you off from the easy money for life.)

    So you shouldn’t assume that just because Google copied a ton of stuff from iOS that everything on iOS is the same as Android.

  • Charles Liu

    Now someone’s reputation is ruined. Kudos for the abuse of power you media types. Whatever happened to fact check?

    Same thing back when the Aurora attack happened. Some blog said “Chinese fingerprint” and everyone jumped on it. Turned out the 4-bit nibble CRC code came from 25 year old Novell programming guide.

    And there’s no effort to undo the damage that’s done. We basically can say anything about “Red Commie China” with impunity.

blog comments powered by Disqus
Advertisement
Got a tip? Building a startup? Tell us
Most Popular