Fake iMessage App For Android Surfaces, Raises Security Concerns
There’s something fishy about this iMessage app for Android, and it’s not the fact that it’s using an outdate iOS 6 skin. While that should be a first warning sign, the reality is that the app, which recently appeared in the Google Play Store, is the work of a third-party developer. It by no means provides official cross-platform access to Apple’s popular messaging service.
9to5Mac reports that scrutiny of the .apk file – the form the program takes outside the Play Store ecosystem – suggests that there is a serious potential risk to personal data. The app works by using the developer’s own server as a proxy to spoof messages into appearing to come from an iPad Mini, thus bypassing the strict “Apple Only” nature of the iMessage protocol. However, in doing so, it means that the developer has access to all of your message data.
People that have tried the app reported varying results – some report that they can only message other Android users, while others have only some Apple contacts.
In addition to these security flaws, the iMessage app requires you to sign in with a working Apple ID. As you probably already know if you have one, your Apple ID stores payment information and personal data, and serves as your gateway into a number of Apple services.
The iMessage for Android app is available as a free download in the Google Play Store and is by a developer called Daniel Zweigart.