Your Android Smartphone may Contain An “Official” Malware
Trevor Eckhart, a senior Android developer discovered a mysterious application when he was tooling around with a HTC handset. The app seemed to capture everything the smartphone did, including buttons pressed, website visited, text entered, number dialed and others. The app was hidden so well that it didn’t register as a running app in the HTC device, in short, there’s no way to force-quit it. In general, it simply behaved like a rootkit that is often used to conceal malware. Carrier IQ responded by threatening to sue Eckhart $150,000 for damages if he refuses to take down the manual used for tracing the app.
The company argued that the app is used only to gather important information such as how users operate their phone, where reception is poor, why phone calls are dropped, average battery life and why applications crash. It insists that the app is not intended to look at texts and collect sensitive user information.
After a while, the company decided to quit the fight and offer Eckhart an apology. The company officially stated that the app doesn’t record text, email, keystrokes and other real time data although Eckhart reports suggested otherwise.
Although the original goals behind the use of Carrier IQ could be quite harmless, including to measure handset and carrier performance; using a malware-like service is still a dishonest method. Also, there are still a few concerns that maybe unresolved, such as the fact that the data can be accessed by many parties and stored in insecure process.