Symantec has found more malware in the Android Market1, even going so far as to give the app it's own 'viral' name AndroidOS.Tapsnake.  Symantec states that Tapsnake sends your GPS data, and users with another application can read your location.  And they're right -- but read further and you'll see that calling this any type of threat is as silly as developing it in the first place.

In Symantec's own words:

"For the application to really be used maliciously, an attacker would need to have access to the phone to install the program. For it to work, an email address and “key” must be typed into the phone running AndroidOS.Tapsnake. This same registration information must later be typed into the phone running GPS Spy." 

In other words, you not only have to download a Snake game that tells you it's going to use your GPS data, you also have to enter a keyword, and the e-mail address of the person who will be doing the spying.

There are real threats out there, but this isn't one I'm going to worry about.  Watch what you download and use the tiniest bit of common sense and you'll be just fine.  [Symantec]

1. author's note: I tried seven different Android phones, and couldn't find Tap Snake on the Android Market.  Symantec says it is available, so your mileage may vary.

Reader comments

Symantec's latest -- Tapsnake: watching your every move?


So there is app out there that takes your GPS info but it doesn't do anything with it.

Why does it take it? Google needs to become a BIT stricter about permissions. I don't expect an iron fist like at the App Store but use common sense. Make these companies justify permissions like GPS.

I'd like to have the ability to allow or deny permissions to each app. It would be great if it'd tell me that the app wants to use SMS (or GPS), but I could still install it and tell Android not to allow it access to SMS (or GPS).

The more these security companies scrap to find any and everything to make a case on Android the more I feel that Google has really put together a solid system. It seems to me this is a part of a two part app for you to spy on someone. Its doing what its supposed to do technically. A parent could want to do this for their kid or something while not making it obvious. Or maybe you want to do it for yourself for some reason to hide the fact that your phone is being tracked. Its one of those slippery slope things because they made a clear way to activate the spying.


More FUD fear-mongering by antivirus companies looking to get in on the next big area of devices.

Someone wake me up when we have a fully fledged, self-replicating virus that doesn’t require my permission to install, exploits some unknown security hole to subversively install itself, accesses my contacts, and emails itself to all of my friends and acquaintances.