Good thing you listened to us this morning when we posted about a new Google Play app that seemed to let you send Apple iMessages via an Android app.
When something seems to good to be true, it usually is.
Fairly clear, right? As we pointed out this morning, the iMessage Chat app for Android devices turned out to be sending data, including users’ Apple IDs, through another server in China, which is kind of an easy way to steal people’s sensitive information. Apple IDs and passwords can be used to purchase apps, books, and music from the App Store, as well as connect to iCloud data, which can have addresses and more personal info.
Jailbreaking guru and Cydia creator, Jay Freeman, ripped into the code of the app and figured out what was happening. “I believe that this application actually does connect to Apple’s servers from the phone,” he writes, “but it doesn’t then interpret the protocol on the device. Instead, it ferries the data to the third-party developer’s server, parses everything remotely, figures out what to do with the data, and sends everything back to the client decoded along with responses to send back to Apple.”
Good thing Google got wind of this app and decided to pull it, or we might be hearing much worse from people who’d had their Apple IDs taken.