Ah, it’s good to be open.
The mobile security firm Lookout notes that a malicious wallpaper app for Android has been sending user data back to mysterious servers located in China. All told, the app appears to have been downloaded anywhere from 1.1 million to 4.6 million times. The app does not, as previousy reported, collect a users browser history and collection of text messages, but it does send back the phone’s SIM card number, subscriber info, and in some cases, a users voicemail password.
The app in question came from Jackeey Wallpaper, and it was uploaded to the Android Market, where users can download it and use it to decorate their phones that run the Google Android operating system. It includes branded wallpapers from My Little Pony and Star Wars, to name just a couple.
More recently, Google removed 2 Twilight themed apps from the Android Marketplace after it was discovered that the apps contained hidden code that “phones home” to check for new code that a developer could remotely add to the program, “including any hidden control program or “rootkit”.