Most mobile geeks usually don’t think twice about downloading an app to their mobile device but a new study suggests that smartphone users might want to use the same caution they consider when downloading desktop apps from the web.
New findings from the security firm Lookout implores users to pay attention to what they’re downloading because that “really great” app you found could be transmitting your sensitive data to unknown entities.
According to Lookout, a number of users recently downloaded a malicious app (Jackeey Wallpaper) in the Android market meant to give users cool wallpapers, unfortunately instead, it allegedly sent user information to China. The information compromised apparently included a litany of private data such as SIM card #’s, voicemail passwords and subscriber identification to a website located in China.
This all came to light as Lookout began to analyze over 300,000 iPhone and Android apps for their App Genome Project, an initiative created to determine precisely what mobile apps do when they’re running on your device.
Another interesting tidbit revealed claims third-party codes used by developers to input ads/analytics may be accessing things they shouldn’t or at the very least not making you aware that your information is being gathered.
Lookout will be sharing its research this week at the Black Hat Security Conference (July 28-29 ) so to end on a positive note, they’re working hard to expose these vulnerabilities to the development community.
Lookout posted these early findings on their blog:
29% of free applications on Android have the capability to access a user’s location,
compared with 33% of free applications on iPhone
Nearly twice as many free applications have the capability to access user’s contact data on iPhone (14%) as compared to Android (8%)
47% of free Android apps include third party code, while that number is 23% on iPhone
* Examples of third party code includes code that enables mobile ads to be served and analytic tracking for developers.