Is anybody feeling some 90s nostalgia right about now? It seems like hardly a day goes by where we don't hear about some sneaky new way for hackers and identity thieves to compromise incautious Android users' phones. The latest is a "battery manager" app that not only compromises your data, but gives you a quick lesson on how to open up the "unknown sources" app install method your phone for easy exploitation. Once installed the app steals your phone number, email address, unique IMEI code and other personal information.
The app is going by both "Battery Doctor" and "Battery Upgrade", mimicking popular (and legitimate) apps like Juice Defender and Power Manager. It's being advertised, presumably via paid ads, on real apps like Scrabble right now. That sets a disturbing precedence for normally harmless ad networks, but it should make it pretty easy for administrators to quickly shut down its primary method of distribution. Adding insult to injury, the app places permanent ads in the pull-down notification bar once installed, which almost certainly drains the battery even faster.
We can't say it enough: never download an Android app from a source that you don't completely trust, just like on any operating system. We're huge fans of Android's expandability around here, not to mention frequent users of non-Market apps, but it's an indisputable fact that it's become the primary vector for malicious apps like the recent fake Netflix data miner. Spread the word to your less technically-inclined friends to keep them from becoming digital victims.