An Android wallpaper app which collects an user’s information, such as voicemail number and phone number, and sends it to a server in China has been downloaded millions of times, according to a researcher from Lookout, a mobile security firm, who also released the following at the Black Hat security conference:
The data included the device’s phone number, subscriber identifier (e.g. IMSI), and the currently entered voicemail number on the phone (see below for technical details). While this sort of data collection from a wallpaper application is certainly suspicious, there’s no evidence of malicious behavior. There have been cases in the past on other mobile platforms where well-intentioned developers are simply over-zealous in their data gathering, without having malicious intent.
The only part I don’t get it is that someone is literally ’stealing’ your sensitive personal data is described as being ‘without having malicious intent’? And why specifically this case has been picked out, while Lookout itself says there have been more similiar cases. Meanwhile, the developer of this wallpaper app responded to these accusations by declining all reports with some shown evidence.
Google has already said to ‘’suspended this application while we investigate further.”