Take a closer look next time you browse through the Android Market: thousands of those apps can do things like make random calls or send texts at will, and they could infect your phone with spyware.
Mobile security firm S Mobile Systems has released a new report on the security threats of Android. “It is noted that one in every five applications request permissions to access private or sensitive information that an attacker could use for malicious purposes,” claims the report.
Additionally, around 5% of all the apps grant permission for an unauthorized person to make a call to anyone, and 3% could potentially send out text messages without the user’s knowledge.
S Mobile, which of course offers its own mobile security software suite, contends that 29 of the nearly 50,000 apps it tested authorize the same kinds of permissions that are seen in spyware applications.
One of the most high-profile malicious Android apps was one that claimed to be a mobile banking app: users could provide their login credentials to any bank account and receive access to their account through a mobile portal. Or so claimed the app description. In reality, the login info that users provided was stored somewhere for the app’s developer to see.
In total, S Mobile warns that more than 20,000 Android apps ask for user permissions that “would be considered to be suspicious.” There are even some apps that request users to give up more than 10 “notable permissions,” meaning content like contact info, e-mail, phone dialing, saved messages, and GPS data.