At least one person thinks if you want a paid Android app and download a free version of a paid app; you deserve to be punished.
Security firm Symantec recently said a fake Google Android app, advertised as a free version of a paid app, is victimizing unsuspecting users. The app steals data from the user and sends the user's SMS contacts an embarrassing message.
Hey, just downlaoded [sic] a pirated App off the Internet. Walk and Text for Android. Im [sic] stupid and cheap, it costed [sic] only 1 buck. Don't steal like I did! the message reads.
The fake app can be downloaded under the name Android.Walkinwat. It is a version of Walk and Text, an app available for $1.53 that uses the user's camera phone to show them what is in front of them as they text.
Once its downloaded and running, the user is presented with a dialog box that gives the appearance that the app is in the process of being compromised or cracked. However in reality, its gathering sensitive data and sending it to an external server. It does so through a process called LicenseCheck, which is a legitimate process real apps use to verify their apps for privacy purposes.
Finally, along with the text message, the app displays a message to the user saying, We really hope you learned something from this. Check your phone bill;) Oh and don't forget to buy the App from the Market.
The app, Symantec says, is the first it has discovered that actually tries to discipline the pirate who has downloaded it. The Trojan app is available on file-sharing sites and not the official Marketplace.
Symantec has a number of theories as to whether the person responsible for the malware is actually the developer behind Walk and Text. One could make the case that this app was intentionally spread in these regions by the creators of the threat in order to maximize the download prevalence and convey their message to as large an audience as possible, however one could also make the case the creator of Android.Walkinwat is attempting to undermine the publisher of Walk and Text, said Infran Asrar, Symantec employee.