
Rogue Android app sent personal info to legit version's developer, claims AVAST

Gregg Keizer | April 1, 2011
Developer denies he created the app to humiliate pirates

AVAST and Tanmazov have been at odds for more than a week, since AVAST blogged about the malicious version of Walk and Text that researchers found on the Internet.

Since then, Tanmazov has threatened to sue AVAST and accused the company of publicizing the Trojanized version of his app to promote its mobile security software. "We haven't heard from any lawyers," said Steckler. "But it's a common threat against security companies."

Today, Tanmazov said he was "still looking into options" that included a lawsuit, but acknowledged that the route would be expensive. "It is a very sorry situation that AVAST is trying to provoke us in such a way," he said.

Steckler denied that AVAST will shortly release a security app for Android, or that it warned users of the malicious edition of Walk and Text for publicity. "What we care about is malware out there that takes personal info and incurs costs to users," he said.

Installing the Trojanized app could result in higher texting bills, depending on the number of contacts in a victimized smartphone, and where those contacts lived. "This could cost you some money," John Engles, a group product manager with Symantec's security response team, said in an interview yesterday.

The back-and-forth between AVAST and Tanmazov is unusual, Steckler admitted.

"There's still a lot of private pushback from adware and spyware makers, which remains a very gray area. But this is the first case we know of where a developer of a legitimate app has gotten so angry. What makes this different is that data was being sent to his URL."

This isn't the first time that malware-filled Android apps have cropped up. Last month, Google yanked more than 50 infected applications from the Android Market. In that case, no complaints from the legitimate developers of those purloined apps surfaced publicly.

According to Google, Walk and Text on the Android Market does not contain the malicious code and features of the Trojanized copycat.

Because of Android's success, hackers have turned to the tactic of taking a legitimate app and recompiling it to include malware or malicious features, said Steckler.

And the practice won't stop anytime soon.

"This isn't a security deficiency of Android, but a philosophical choice by Google," said Steckler. "What makes Android so successful is also what makes it vulnerable here. Unlike the Apple ecosystem, Android is pretty much wide open, and users can get apps from almost anywhere."

