It seems that HTC Android phones just took a hit in their image today, as the folks of Android Police discovered a huge security hole. This one was caused by the software customization done by HTC on Android handsets, allowing applications with the right permissions to access private user information.
What’s worse is that said vulnerable data can be reached later on by HTC or third parties, that may even access your email and credit card data simply by using an open network port. The problem here is caused by the “android.permission.INTERNET” permission, that once called into action accesses vital info on rooted and non rooted smartphones.
The info that can be accessed includes email addresses, GPS locations, call logs, text logs and info about apps that are running at the time. Named just like one of those virus keyloggers, “Htc.loggers.apk” will collect the data and deliver it to anyone who opens a network port n a phone. That’s some serious software flaw right there! The affected models are HTC EVO 4G, HTC EVO 3D, EVO Shift 4G, MyTouch 4G Slide and Thunderbolt.
Other phones with similar software and specs are also vulnerable and HTC has already commented n the situation, saying that they’re investigating the claims. Hopefully they’ll solve the problem before hackers and even not so skilled evil doers get their hands on precious data.