One in five Android apps exposes private data

Nearly ten thousand Android applications give third party apps access to private or sensitive information, says a report from SMobile Systems.

One in five of the 48,000 apps available grants a third party application access to private or sensitive information that an attacker could use for malicious purposes, such as identity theft, mobile banking fraud and corporate espionage.

Five percent have the ability to place a call to any number without requiring user intervention, and two percent allow an application to send premium SMS messages. Eight applications explicitly request a specific permission that would allow the device to brick itself.

“The Android operating system and the Android Market are quickly becoming the most widely used mobile platform and app store in the world,” says said Neil Book, SMobile CEO.

“There are individuals and organisations out there right now, developing malicious code designed to capture your most personal information and use it to their advantage.”

Dozens of applications have all the hallmarks of spyware, says SMobile – and users can’t be sure they’re not, as the Android Market is peer-reviewed rather than having a formal screening process.

“The open-source architecture that drives Android phones and the abundance of application stores available for all smartphone devices have allowed developers to quickly create and post thousands upon thousands of new applications,” says Daniel V Hoffman, chief technology officer for SMobile Systems.

“As a result, applications are currently available that have the potential to cause serious harm to devices, customers and to the broader cellular network.”