Android Apps are leaking Personal Data of Smartphone users, says Dasient Report

by Swati on July 25th, 2011

Mobile Malware has become a major problem among smartphone users. A recent report from Security firm Dasient has found that a large number of Android apps are leaking user personal data.

“The mobile malware landscape has dramatically increased in size and scope these past few months with recent reports of DroidDream, Plankton, and GG Tracker, among others, impacting hundreds of thousands of Android users. As Android adoption continues to rise among consumers, malware authors too have turned to this lucrative market of mobile applications to spread malicious code and legitimate applications are also leaking sensitive user data”, says the Dasient report.

The security firm analyzed over 10,000 applications for Android smartphones and found that more than 8 percent of these applications are transmitting personal user data to unauthorized computers. This malware leaks the user personal data in different ways such as sending text messages to entire contact lists, similar to email spammers; or racking up extra charges for SMS messages, even without any interaction from the user’s side, besides the application download. The amount of infected applications has doubled over the last two years, says the Dasient CTO Neil Daswani.

Most of the time, the Android Users are inadvertently installing malware while visiting a particular site. Such occurrences are called “Drive-By Downloads” because the user isn’t installing anything on purpose, but rather just browsing or “driving-by”, reports Digital Trends. Apart from playing with the personal user data, the malware also poses serious threat by leaking out other confidential data like the IMEI number (specific to the phone), and the IMSI number (specific to the subscriber)with which the phone SIM card can be easily cloned or sold to illegal organizations that create cloned phones.

Google’s open Android Platforms’s app approval process is not as stringent as that of an Apple App Store. While this works out well for developers who don’t have to put up with the long wait times, most of the apps miss out on even the basic security screening, thereby increasing the chances of malware apps in the marketplace. Earlier this year, after Symantec‘s report pointed out the rise in malware, specifically Trojans in the Android marketplace, Google removed a large number of apps from the App store. But, the apps were downloaded over 50,000 times and infected a large number of users before the search engine giant could fix the problem.

The current report reveals that Google has still not dealt with the issue completely and Android users still run a huge risk of malware attack.

Image source: Intomobile

You might also like: