Windows Phone - 08 September 2011
Author: David K

imageMost of you know AVG – the free antivirus and internet security software for your PC. They’ve branched out to mobile devices and have an Android security app. Their most recent app is actually for Windows Phones though. The AVG Security Suite has the following description:

Free Security Suite from AVG Mobilation – security software for Windows Phone™.
Keep your device safe with just one click.

Safe Web Surfing
Stay safe from phishing and malware while surfing the web

Safe Search
Allowing you search the web avoiding malicious web sites

imageBut it also does a search of your phone to make sure it’s ‘protected’. What does that mean? The XAP has been reviewed by Rafael Rivera and it searches for precisely two things in your photo and music: the words EICAR and עברית (which is Hebrew for the word “Hebrew”). Because of the way that Windows phone sandboxes applications you can’t search outside of these elements and that’s also why this whole thing is silly since you can’t readily have a virus in Windows Phones currently since no one has breached the walls Microsoft has put up so far. But this is only the beginning of what the app does.

Justin Angel also took a spin at the XAP and it actually is doing a bit more than reviewing your phone for two files:

image

If you want to see the code he’s looking at, he’s provided it here. So what we have is an application that is collecting your location and device information and it sends all possible identifying information to the server through HTTPs XmlRPC. Here’s the information it’s collecting:

image

Is this legit? Is this permissible under Microsoft’s guidelines?

image

Let’s file this one under “to be continued” because it appears as though there’s a possibility that this app gets removed from marketplace if everything above is correct. It also means there will be some explaining to do.

Remember that at Pwn2own this year no attempts were made at Windows Phones because there are no known exploits so a security suite (particularly one that can’t run in the background or scan third party apps) is pretty meaningless at this point. Well maybe it can scan itself…that would have helped from the beginning.

UPDATE: Yup this caught Microsoft’s attention:

image









About Author

(9) Readers Comments

  1. Pingback: Justin Angel

  2. Pingback: Free Security Suite from AVG Actually First Windows Phone Security Threat | WP7 Connect

  3. Sandboxing FTW!

    AVG just wasted their time. Trying to create a market where there isn’t one.

  4. Pingback: Windows Phone AVG antivirus app may be more dangerous than we thought - 板车网 – 关于平板电脑,ipad,iphone,wp7,android,webOS,xoom

  5. Pingback: AVG Security Suite Pulled From WP7 Marketplace

  6. Pingback: Programmiert AVG selber Spyware?? | Sploing//Blog

  7. Pingback: AVG Security App Pulled From WP Marketplace « NoobSavvy

  8. Take it as a compliment that someone actually thinks there’s enough of you to comprise data to actually mine, rather than sort of shovel by the hand of a child.

  9. Pingback: AVG โดนถอดออกจาก MarketPlace ของ WP7 ข้อหาขโมยข้อมูลผู้ใช้! | iT24Hrs