Codebreaker

Android app hacked

John Moe Mar 1, 2011

Seems like we’ve been hearing about the security vulnerabilities of Android apps for a while and here’s a test case. Steamy Window is a silly little app where you get a screen that looks like it has steam on it, then you can draw on it like you would a fogged up car window. The app was apparently downloaded, hacked into, a Trojan Horse installed, and then the app was rereleased onto third party Android app sites that Google doesn’t control. If you install the infected version (which of course looks exactly like the non-infected version) the app sends out hundreds of text messages from your account, installs other infected apps, and takes over your browser. The hack was reported by the security firm Symantec.

The Trojan can “install other applications, monkey with the phone’s browser bookmarks, surreptitiously navigate to Web sites and silently send text messages, said Thakur. The last is how the criminals make money. ‘The Trojan lets them send SMS [short message service] messages to premium rate numbers,’ said Thakur, for which the hackers are paid commissions.”

We’re here to help you navigate this changed world and economy.

Our mission at Marketplace is to raise the economic intelligence of the country. It’s a tough task, but it’s never been more important.

In the past year, we’ve seen record unemployment, stimulus bills, and reddit users influencing the stock market. Marketplace helps you understand it all, will fact-based, approachable, and unbiased reporting.

Generous support from listeners and readers is what powers our nonprofit news—and your donation today will help provide this essential service. For just $5/month, you can sustain independent journalism that keeps you and thousands of others informed.