US election apps may lead to data disclosure

Share on facebook
Share on twitter
Share on linkedin
Share on email

[/caption] Trend Micro said one of these apps was already removed from Google Play but remain available on third-party ones. The apps are crafted to take advantage of the upcoming US presidential election and its two candidates, Mitt Romney and Barack Obama. Users can download the apps for free. The first app called ?Obama vs Romney?, an ANDROIDOS_AIRPUSH variant found to connect to, a mobile ad network site. The app?s description page also indicates that it may contain ad notifications. ?We found that this app has more than 300 downloads from third party stores and an estimated 500-1000 downloads from Google Play so far,? the anti-virus firm said. The app was designed as a polling service in which users can choose between the two candidates. It is supposed to display an overall result of the poll immediately. However, during our testing, it ends up showing the message ?you probably want to start clicking as soon as possible?. The particular app also displays potentially annoying ads served from that are displayed outside of the app itself. It also contains ACCESS_COARSE_LOCATION among others, that can access information that includes the device?s GPS location. The second app is the ?Captain America Barack Obama 1.0? (detected as a ANDROIDOS_ADWLEADBOLT variant) that installs a Barack Obama 3D wallpaper and US flag on the affected device. This was already removed from Google Play but remain available on third party app stores. So far, this app has been downloaded 720 times from third party app stores. The other two apps are ?Barack Obama Campaign LWP 1? and ?Mitt Romney Live Wallpaper 1? (both detected as ANDROIDOS_ADWLEADBOLT variants). Both of these apps also contain ACCESS_FINE_LOCATION and ACCESS_COARSE_LOCATION. Similar to the above mentioned apps, they display ads on the device. Users can prevent this ad display by clicking a specific URL and disclose certain information such as their International Mobile Equipment Identity (IMEI) and device type to the said site. However, it is likely that users will not notice this and opt to receive the ads. ]]>

Facebook Comments

Latest Posts