GFI Warns Politically-Inclined Mobile Users to Guard Privacy

September 11, 2012 - 12:00

GFI Labs Outlines the Types of Personal Data That Presidential Campaign Apps Gather

GFI Software™ today released its VIPRE® Report for August 2012, a collection of the 10 most prevalent threat detectionsencountered last month. In August, GFI threat researchers examined the privacy of users downloading mobile apps released by both the Barack Obama and Mitt Romney U.S. presidential campaigns. Researchers also uncovered a variety of new attacks targeted at Android™ device owners including phony antivirus programs and a fake Adobe® Flash® Player application.

“While issues with mobile security are a relatively new phenomenon, it does not mean that there are not already a large number of security pitfalls that users should avoid,” said Christopher Boyd, senior threat researcher at GFI Software. “Avoiding mobile malware often requires the same preventative tactics associated with traditional malware such as verifying the legitimacy of any unsolicited emails or hyperlinks before installing an unknown application or submitting personal information. However, as we saw this month, even legitimate mobile applications can pose a threat to privacy if users do not investigate before granting permissions to gather data.”

The Obama for America and Mitt’s VP smartphone applications were found to have a number of significant privacy issues that went unnoticed by users who did not read the terms of service agreements before using either application. In order to use the Romney campaign’s app, users had to sign in through their Facebook® account or to provide personally identifiable information such as their name, email and home address. Users who opted to sign in through Facebook gave the app permission to post on their profile page on their behalf and to collect even more data from their Facebook friends. The application was also found to collect other information such as the device ID, carrier and phone number as well as GPS and cell locations.

The Obama campaign’s application required users to allow the app to gather information such as GPS location as well as the names and phone numbers found in the user’s contact list, call and message logs, data on other installed apps and the contents of the phone’s SD card if present. The user was then presented with information on registered voters in the area before being encouraged to canvass the neighborhood on behalf of the campaign. The stipulations required by each application should be considered against privacy concerns before a user chooses to continue the install.

Mobile users also drew the attention of cybercriminals in August with the OpFake Trojan being distributed under the guise of the Adobe Flash Player which is no longer being developed or supported on mobile browsers. Furthermore, some versions of the fake application were bundled with adware which rooted the device and downloaded a fake version of the real Flash Player application. The adware program then performed a number of malicious tasks including the theft of the user’s phonebook contacts for advertising purposes and the deployment of pop-ups on the user’s screen. Other Android users encountered a number of fake mobile antivirus applications masquerading as mobile applications provided by legitimate antivirus companies. The fake applications contained a Boxer malware program which sends SMS messages to a premium number before redirecting the user to another site.

Secure Smartphones and Tablets
GFI Software recently released GFI VIPRE® Mobile Security Premium, one of the most comprehensive mobile protection applications for Android phones and tablets. The app combines GFI Software’s award-winning VIPRE antivirus technology with lost device features, parental controls and automatic backup capabilities. This powerful combination enables consumers to use their devices freely without having to worry about mobile viruses, identity theft, data loss or unsupervised activity. To learn more about GFI VIPRE Mobile Security Premium, visit

Top 10 Threat Detections for August
GFI’s top 10 threat detection list is compiled from collected scan data of tens of thousands of GFI VIPRE Antivirus customers who are part of GFI’s ThreatNet™ automated threat tracking system. ThreatNet statistics revealed that Trojans and adware dominated the list with each taking four of the top 10 spots.

VIPRE report August 2012

About GFI Labs
GFI Labs specializes in the discovery and analysis of dangerous vulnerabilities and malware. The team of dedicated security specialists actively researches new malware outbreaks, creating new threat definitions on a constant basis for the VIPRE home and business antivirus products.

About GFI
GFI Software provides web and mail security, archiving and fax, networking and security software and hosted IT solutions for small to medium-sized businesses (SMB) via an extensive global partner community. GFI products are available either as on-premise solutions, in the cloud or as a hybrid of both delivery models. With award-winning technology, a competitive pricing strategy, and a strong focus on the unique requirements of SMBs, GFI satisfies the IT needs of organizations on a global scale. The company has offices in the United States, UK, Austria, Australia, Malta, Hong Kong, Philippines and Romania, which together support hundreds of thousands of installations worldwide. GFI is a channel-focused company with thousands of partners throughout the world and is also a Microsoft Gold ISV Partner.