Symantec flags malicious Android porn wallpaper apps
Security giant sounds alarm over discovery of malicious data-stealing wallpaper apps.
Up to 1.5 million Android users may have suffered a serious data breach after downloading malicious apps, according to Symantec.
The security giant identified three apps, all posing as pornographic wallpapers, that were available through Google Play for more than 30 days, despite pornography being banned from the store.
Once downloaded, the app steals the user's Googlemail address, GPS co-ordinates, handset IMEI number and network operator information.
This data is then transmitted by the app back to a remote command-and-control server.
Analysis run by Symantec showed all three apps were from the same developer and are all identified by the company as Android.Coolpaperleak.
The organisation also discovered the apps were not a modified version of a safe app, but were malicious from the beginning.
"The erotic and porn industries are the most browsed on the internet," said Lionel Payet, a Symantec threat intelligence officer.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
"If you just combine the most downloaded type of apps (wallpapers) with the erotic and porn industries, you will have in your hands the perfect chemistry for a top download application in no time."
This new threat comes on the back of research by fellow security player Kaspersky Lab, which showed 99 per cent of mobile malware was targeted towards the Android operating system.
Two of the most prevalent malwares detected, Opfake and Fakeinst, were so-called premium SMS diallers, which send SMS messages from a user's phone to a premium rate service without their knowledge.
Similar SMS scam apps pretending to be official London 2012 gaming apps were also found to be targeting Android users in the summer.
Kaspersky claimed the reason Android devices were popular targets was not because of how widely used the operating system is.
"The core security issue...can be traced back to the lax security of the Google Play marketplace, especially in comparison to the Apple iOS App Store," the company said.
"Surely more of the same is in store for 2013," it added.
Jane McCallion is ITPro's Managing Editor, specializing in data centers and enterprise IT infrastructure. Before becoming Managing Editor, she held the role of Deputy Editor and, prior to that, Features Editor, managing a pool of freelance and internal writers, while continuing to specialize in enterprise IT infrastructure, and business strategy.
Prior to joining ITPro, Jane was a freelance business journalist writing as both Jane McCallion and Jane Bordenave for titles such as European CEO, World Finance, and Business Excellence Magazine.