Fake Android app steals data, takes shot at pirates

Malicious Android app that masquerades as free version of legitimate app steals data and chastises user for trying to get around paying for the actual app.

This is the message the malware sends in a text to numbers listed in the contacts on the phone.
This is the message the malware sends in a text to numbers listed in the contacts on the phone. Symantec

A malicious Android app that masquerades as a free version of a legitimate app steals data and sends spam text messages and a warning that chastise the user for trying to get around paying for the actual app, Symantec said today.

The app, available on several file-sharing sites in North America and Asia that are known as clearinghouses for pirated software, is called Walk and Text. That's also the name of a legitimate app--available on the Android Market for $1.53--that uses a device's camera to let people see what's in front of them as they text while walking. However, the bogus app is labeled as version 1.3.7, which doesn't exist yet, according to a Symantec blog post.

Once the fake software--which Symantec has dubbed "Android.Walkinwat"--is downloaded and running, it displays a dialog box that indicates that the app is in the process of being compromised or cracked, ostensibly to scare the person who thinks they're getting the legitimate app for free. Behind the scenes, the software is gathering sensitive data--including username, phone number, and unique device identifier--and trying to send it to an external server, Symantec says.

The app also sends out a text message (rife with misspellings and errors) to all the numbers listed in the user's contact list: "Hey, just downloaded a pirated App off the Internet, Walk and Text for Android. Im stupid and cheap, it costed only 1 buck.Don't steal like I did!"

The app also displays a message that says "Application Not Licensed" and warns: "We really hope you learned something from this. Check your phone bill;) Oh and don't forget to buy the App from the Market." It includes buttons for buying the app or exiting.

The malware displays this antipiracy warning and offers the option to buy the app from the Android Market.
The malware displays this antipiracy warning and offers the option to buy the app from the Android Market. Symantec

 

Join the discussion

Conversation powered by Livefyre

Show Comments Hide Comments
Latest Galleries from CNET
15 crazy old phones from a Korean museum (pictures)
10 gloriously geeky highlights from 2014 (pictures)
2015.5 Volvo XC60: updated tech, understated design
Busted! CNET readers show us their broken devices (pictures)
Take a closer look at the BlackBerry Classic (pictures)