I have to admit I am not really familiar with mobile device development but once an application is installed and trusted I expect it has full access to your device and could potentially, when presented with an Internet connection send out, mobile numbers and possibly smses, calendar events and maybe even notes present in your mobile device. More insidiously I guess it can initiate an Internet connection itself via WiFi or even GPRS. That being said I do know that some mobile phones ask for permission before allowing applications access to certain things such as the WiFi or GPS data, however with a little social engineering I bet people can easily be convinced to allow it.

So I certainly agree with you John. Beware that even mobile devices can be a target. As with everything else ensure not to run anything you don’t trust and are absolutely sure of its origin.

Since mobile numbers are like gold to marketers, Storm8, which claims 20 million downloads of its games, was essentially using its game to mint money for itself.

After the company’s dubious activity was exposed this summer, it fixed the problem, which it characterized as an “oversight” and a “bug” in the software. However, that didn’t deter a class action lawsuit from being filed against the company last week. In that suit (http://www.prnewschannel.com/pdf/Complaint_Storm_8_Nov_04_2009.pdf), the plaintiffs aren’t buying Storm8′s “bug” defense. They argue in their compaint filed in a federal district court in California:

“Storm8’s characterizations of its practice of harvesting phone numbers as a bug”and an “oversight” are false. Storm8 could not have accidentally harvested its users’ phone numbers. It used very specific and specialized software code to do so.”

Since iPhones are so popular among upper level executives, this kind of theft could present corporate computer security personnel with even more severe problems than online gaming scams that may victimize their rank-and-file users.