Nearly a month ago, researchers have discovered a Chinese mobile phone monitoring service that allows users to compromise a target’s mobile phone running Symbian or Windows Mobile and access the exfiltrated information stored online for a fee.
At the time, they commented that it was only a matter of time until Android devices are targeted as well, and they were right: Bitdefender has spotted five data-stealing applications being offered on the Android Market with the same intent.
The difference between these spying apps and the one in the previous example is that to install one of the Android ones, the wannabe spy must have physical access to the target’s device to download it and run it.
He (or she) must also memorize a 5-digit code that is given by the app upon installation, which will afterwards be used to access the stolen information (contacts, messages, recent calls, browser history) through the app developer’s site.
“For messages, recent calls and history, a $5 fee is requested which sounds like a small toll for a big invasion in someone’s personal life,” says Bitdefender. “If the person also keeps job related data on the phone, a pry tool like this can compromise an entire business in the process.”
The whole data exfiltration/uploading to a remote server process is supposedly executed in less than 60 seconds, and the app uninstalls itself after the deed is done.
The claim by the app developer that all unpaid for data will be deleted after a day in order to respect the victim’s privacy are likely an equally big lie as the claim that the apps were developed and offered on the market for “study purpose”.
“A data base of sensitive private information – be it personal or corporate – can prove a gold mine,” comment the researchers. “Cybercriminal minds can see the benefits of that and wouldn’t let such an opportunity slip through their fingers.”