Google Kills iMessage For Android Amidst Security Scare

Tom Brewster is TechWeek Europe's Security Correspondent. He has also been named BT Information Security Journalist of the Year in 2012 and 2013.

iMessage for Android app taken off the Google Play store, even though experts can’t find anything malicious in it

Even though security researchers cannot find any clear and present threat posed by an iMessage for Android app, the software has been pulled from the Google Play store.

The iMessage Chat app emerged earlier this week, with a developer called Daniel Zweigart pushing it across a variety of online stores. It works too, allowing Android users to connect with iPhone owners via the free-to-use service.

TechWeek caught a screenshot of the app page before it was pulled:

iMessage

iMessage for Android danger?

Two security companies looked at the app’s code for TechWeekEurope and neither could find any clear threat. F-Secure said it “couldn’t see anything suspicious” and “the app doesn’t even use any suspicious permissions”.

“It just seems to be an overreaching clone, not malicious,” F-Security security advisor Sean Sullivan told TechWeek.

A screenshot had emerged showing the app would send contact data to an external server, but F-Secure analysts could not find such functionality.

“It is clean,” Kaspersky said. “That said, it seems that it may not be a very nice app.”

Indeed, there are reasons to be fearful of the iMessage app. As noted by mobile developer Jay Freeman, all messages go through iMessage for Android’s server in China, which will concern some given little is known about Zweigart.

“This not only means that Apple can’t just block them by IP address, but also that they get to keep the ‘secret sauce’ on their servers (and potentially just run Apple code: there are some parts of the process in Apple’s client code that is highly obfuscated),” Freeman said.

It also appears the app can download additional Android application packages, which could pose a future threat.

Earlier this week, F-Secure warned about the “rampant” threat of fraudulent Android apps. Between March and July there were 175,000 new samples of Android malware doing the rounds.

What do you know about Internet security? Find out with our quiz!