The SlashGear blog has recently reported on “the mother of all Android malware”, discovered in the security system of HTC Android-based devices. The report claims that it is leaking huge amounts of users’ private data. According to Slashgear, the flaw has been traced to an application called “HTCLoggers.apk”, in phones with HTC Sense UI package. The flaw is due to customization that allows any app that asks for the right permission, to access to all sorts of private user data. The vulnerability is so bad that apparently an attacker could duplicate the phone in its entirety using it.
HTC is investigating the claims.