Around 80 wallpaper apps designed for use on Google Android devices have been collecting personal information and transmitting it back to third parties, an investigation has found

According to Lookout, a US-based security firm, more than 80 google Android wallpaper apps were collecting mobile phone numbers and personal details, including unique subscriber numbers. Many of the apps also ?dialled home? to their developers, transmitting unencrypted sensitive data back to remote servers.

One such app, called Jackeey Wallpaper, was downloaded millions of times, and sent data back to China, according to Kevin MaHaffey, Lookout?s chief technology officer. The company presented its findings at the Black Hat security conference in Las Vegas earlier this week.

The Jackeey Wallpaper app provided themed Star Wars and My Little Pony wallpaper, said Lookout, but it also collected information about the user?s phone number, unique identifier and voicemail number, before beaming back this data to a server in China. However, Lookout stressed that there was no evidence that this data had been collected or used for malicious purposes.
"While this sort of data collection from a wallpaper application is certainly suspicious, there?s no evidence of malicious behaviour," said MaHaffey. "There have been cases in the past on other mobile platforms where well-intentioned developers are simply overzealous in their data gathering, without having malicious intent."
Google said it had suspended the application while it investigated the matter. Lookout said that even apps that seemed legitimate could be modified retrospectively to add a ?rogue? element.
?As phones continue to evolve into mini-computers consumers face the same challenges related to malicious software as they have faced on PCs for many years," said Ben Wood, an analyst at CCS Insight.
"The revelation that apps in the Android Market are gathering user data will come as an embarrassment to Google, but it should also serve as a warning to users that they need to be sure about the provenance of apps they are downloading.?