Last month we posted that we had discovered some unusual activity by Leo Privacy Guard. Today, we are releasing a Threat Report detailing the information that this app collects about users and sends to a server in Singapore.
The information taken includes sensitive identifying details such as the IMEI, a unique phone identifier, and IMSI, which identifies your phone to your mobile provider’s network, and much more.
With this information, pirates could make your phone stop working, steal mobile minutes, or compromise your personal identity.
Furthermore, this data is sent in the clear, which means it is unencrypted.
Craig Spiegelberg, found of PrivacySentry and SpyAware, will present this whitepaper at the CTIA conference this week.
SpyAware was founded to change how mobile data is handled and regulated. With the SpyAware app, we watch data being sent by apps to places around the world with few rules. Other regular app violators include the Drudge Report, Facebook and Twitter. See the screenshots to get an idea of what these apps are doing with your data.
So far, however, Leo is the biggest violator.