The Skype blog gives some good security advice for those using Android
To protect your personal information, we advise users to take care in selecting which applications to download and install onto their device.
This is related to a recent Google take-down notice for the infamous 21 apps cited by the Android Police for malicious intent.
I just randomly stumbled into one of the apps, recognized it and noticed that the publisher wasn’t who it was supposed to be.
Super Guitar Solo for example is originally Guitar Solo Lite. I downloaded two of the apps and extracted the APK’s, they both contain what seems to be the “rageagainstthecage” root exploit – binary contains string “CVE-2010-EASY Android local root exploit (C) 2010 by 743C”. Don’t know what the apps actually do, but can’t be good.
Although we can write this off as unique to Skype, and even Skype only on Android, the problem is actually much more broad. Communication systems are either attacked in real-time or after a session closes and leaves behind residue and logs. This case shows how residue can be exposed to other applications without explicit authorization.
More troubling is that attackers continue to show a predilection for using back doors on systems that do not practice effective monitoring, let alone back door compromise prevention. Given the huge number of weak backdoor paths I have found in “data center” environments recently, I might have to turn this into a full-blown presentation.
Data centers, in others words, should take care in selecting which doors to punch into their walls.