Seems like we’ve been hearing about the security vulnerabilities of Android apps for a while and here’s a test case. Steamy Window is a silly little app where you get a screen that looks like it has steam on it, then you can draw on it like you would a fogged up car window. The app was apparently downloaded, hacked into, a Trojan Horse installed, and then the app was rereleased onto third party Android app sites that Google doesn’t control. If you install the infected version (which of course looks exactly like the non-infected version) the app sends out hundreds of text messages from your account, installs other infected apps, and takes over your browser. The hack was reported by the security firm Symantec.
The Trojan can “install other applications, monkey with the phone’s browser bookmarks, surreptitiously navigate to Web sites and silently send text messages, said Thakur. The last is how the criminals make money. ‘The Trojan lets them send SMS [short message service] messages to premium rate numbers,’ said Thakur, for which the hackers are paid commissions.”
Stories You Might Like
There’s a lot happening in the world. Through it all, Marketplace is here for you.
You rely on Marketplace to break down the world’s events and tell you how it affects you in a fact-based, approachable way. We rely on your financial support to keep making that possible.
Your donation today powers the independent journalism that you rely on. For just $5/month, you can help sustain Marketplace so we can keep reporting on the things that matter to you.
