Symantec: Fake Android app shames illegal downloaders

Cheapskate Android smartphone owners, beware: a malicious program posing as a free version of a legitimate app is out to expose the downloader's folly. Security software maker Symantec said "Android.Walkinwat" is the first such threat of its kind discovered in the wild for the mobile landscape. "Hey, just downlaoded a pirated App off the Internet, Walk and Text for Android. Im stupid and cheap,it costed only 1 buck.Don't steal like I did!" reads a grammatical-error-filled text message the app will attempt to send to everyone in the address book of the victim's phone. According to Symantec, the rogue application presents itself as a fake version (1.3.7) of "Walk and Text," a legitimate application that uses the Android device's camera to let people see what is in front of them as they text while walking. Stealing sensitive info Symantec also said that the malicious app was discovered March 30, and can steal sensitive information from the compromised device. The company said that the app can be found on file-sharing websites throughout North America and Asia. "One could make the case that this app was intentionally spread in these regions by the creators of the threat in order to maximize the download prevalence and convey their message to as large an audience as possible, however one could also make the case the creator of Android.Walkinwat is attempting to undermine the publisher of Walk and Text," it said. The legitimate version of the app on the Android market costs P66.79. "Walk and Text - see what is going on in front of you on the road while walking and typing or down stairs. Type and Walk without fear!" read the summary of the software on the Android Market. 'Cracking' Once the app is run, it displays a dialog box that indicates the app is being compromised or cracked. But it is in reality gathering and attempting to send back sensitive data such as name, phone number and IMEI information to an external server. The app also sends the SMS message to all contacts in the phone's contact list. "Interestingly enough, the Trojan performs the above set of actions in a routine of Android.Walkinwat called “LicenseCheck", something traditionally used by legitimate apps for license management in conjunction with a Licensing Verification Library available for the Android platform to help prevent piracy. The authors of the malicious code have taken an extra step to make sure that their app was obfuscated, which is another recommended measure to prevent piracy," Symantec said. The app then concludes with a final message to the user, and provides the user an option to buy the legitimate version from the Android App Market. "We really hope you learned something from this. Check your phone bill;) Oh and dont forget to buy the App from the Market," it said. "Although this isn’t the first case of disciplinary justice being used as means to send a message against piracy, this is the first of its kind discovered on the mobile landscape," Symantec said. — TJD, GMA News