A pirated version of an Android app is actually a Trojan
that "shames" someone who installs it by sending an SMS message to all his contacts telling them of his piracy.
The original app is called Walk and Text
, and costs $2.10 in the Android Market
. The app uses the camera on the back of a smartphone to show a user a visual of his upcoming surroundings, which will supposedly prevent the user from running into the street or across a set of train tracks.
[Of course, since many tend to look down as they text, it's also possible they will see only the ground, unless they retrain themselves to hold the phone perpendicular to the ground as they walk. For us, that seems really hard to do.]
The pirated version is available from unofficial Android app markets, and once installed and redirects the pirate to the legitimate app in the Android Market, while also sending the following SMS message to the phone's entire contact list:
"Hey, just downlaoded [sic] a pirated app off the internet, Walk and Text for Android. Im stupid and cheap, it costed [sic] only 1 buck. Don't steal like I did!"
Finally, a message pops up on the phone's screen:
"We really hope you learned something from this. Check your phone bill ;) Oh and dont forget to buy the App from the Market."
Security firm Avast took a look at the pirated app
, and made some conclusions that resulted in a huge blow-up in the comments section, including threats of a lawsuit. That contentiousness came from Avast's original post, which determined
that data from the pirated app was sent to a URL owned by Georgi Tanmazov, CEO of Incorporate Apps, the developer of a number of Android apps including the legitimate "Walk and Text" app.
The conclusion of the original post was that the app was a sort of punishment by Incorporate Apps to pirates. According to some of the Incorporate Apps comments in the post, which has since been rewritten, "We argued about a previous version of our Apps being stolen and hijacked on numerous forums and I guess people tried to get back on us in some way."
The rewritten post offers other alternative theories as to the URL and to why data would be sent to it.