or Connect
AppleInsider › Forums › Mobile › iPhone › Fake iMessage app for Android spoofs Mac mini, routes chats through China [u]
New Posts  All Forums:Forum Nav:

Fake iMessage app for Android spoofs Mac mini, routes chats through China [u]

post #1 of 25
Thread Starter 
A new messaging app aping the iMessage name has shown up on Google's Play Store, but Android device owners may want to think twice before downloading the unsanctioned app, as it doesn't seem to work as advertised and may be doing a bit more than it lets on.

Update: The app in question has subsequently been pulled from the Google Play store.



The new app is called iMessage Chat, and its developer describes its "primary purposes" as "[making] sure everyone should be able to chat via iMessage on Android for free." The app description is not shy stating a similarity to Apple's iOS- and OS X-based iMessage platform, claiming that "iMessage, the popular instant messaging service known from the iPhone, iPad and Macs is now also available for Android devices!"

In addition to the iMessage name, the app copies the icon from Apple's own iOS 7 Messages app. It also largely reproduces the pre-iOS 7 aesthetic of Apple apps, with a palette heavy in blues and grays, as well as a bulging effect on buttons and other elements.

The service, of course, has no connection with Apple, iOS, or OS X, and in testing the feature The Verge found that it will not even send messages to Apple devices. Instead, it so far only sends messages between Android apps that are running the app.

Developer Adam Bell noted on his Twitter account that iMessage on Android appears to be spoofing iMessage requests by passing itself off as a Mac mini. Bell's tests, though, found that the app was working between test accounts, though he noted that "I 100% do not trust that apk."

Bell's concerns are mirrored by others in the developer community. Jay Freeman, better known as Saurik, delved into the app's code, finding that "the client does directly connect to Apple, but the data is all processed on the developer's server in China. This not only means that Apple can't just block them by IP address, but that also that they get to keep the secret sauce on their servers."

In addition to this third-party routing, some portion of the code in iMessages for Android is apparently hidden or obfuscated. An apparent developer of the app has attempted to allay fears on his Twitter account, saying that the obfuscation is "because i worry sombody use it to send Ads" (sic).

Adding to developer skepticism surrounding the app is the fact that iMessages' developer apparently asks for user login credentials when they request help with the service. Aside from the credentialing issue and the data routing issue, no one in the developer community or the review section on the app's page appears to be complaining of any other egregious security issues or violations.

The app currently has an average rating of 2.9, with 148 5-star reviews and 187 1-star reviews. It has been installed by between 10,000 and 50,000 users.
post #2 of 25
'It has been installed by between 10,000 and 50,000 users.'
LOL! If Fakeroids are really interested in it, why bother with Android then? Wannabe cool, huh?
post #3 of 25

This app is very dangerous.

 

It has permissions to install apk on the background and everything is stored on some servers, in China.

post #4 of 25
I think we are entering the age where the Fandroids would say 'So what? We got iMessage too!'
post #5 of 25

What could go wrong?  :lol:

   Apple develops an improved programming language.  Google copied Java.  Everything you need to know, right there.

 

    AT&T believes their LTE coverage is adequate

Reply

   Apple develops an improved programming language.  Google copied Java.  Everything you need to know, right there.

 

    AT&T believes their LTE coverage is adequate

Reply
post #6 of 25

Looks like malware is the category that Android continues to beat iOS at year-over-year.

post #7 of 25

Lawsuit and jail time in three… two…

Originally Posted by Marvin

The only thing more insecure than Android’s OS is its userbase.
Reply

Originally Posted by Marvin

The only thing more insecure than Android’s OS is its userbase.
Reply
post #8 of 25

I'm thinking this will be pulled eventually...

Mac Mini (Mid 2011) 2.5 GHz Core i5

120 GB SSD/500 GB HD/8 GB RAM

AMD Radeon HD 6630M 256 MB

Reply

Mac Mini (Mid 2011) 2.5 GHz Core i5

120 GB SSD/500 GB HD/8 GB RAM

AMD Radeon HD 6630M 256 MB

Reply
post #9 of 25
Quote:
Originally Posted by macxpress View Post
 

I'm thinking this will be pulled eventually...

 

On what basis? Copyright or trademark infringement? That it is unsavory and sleazy? Tell me, what part of the Android values system does this violate. As near as I can tell, there is no Android values system. 

Apple has no competition. Every commercial product which competes directly with an Apple product gives the distinct impression that, Where it is original, it is not good, and where it is good, it...
Reply
Apple has no competition. Every commercial product which competes directly with an Apple product gives the distinct impression that, Where it is original, it is not good, and where it is good, it...
Reply
post #10 of 25

I advise all Fandroids to immediately install this app, I hear that it's awesome, and I can highly recommend it.

 

It'll fit right in with all of the other malware found on Android.

 

And ignorant Fandroids are talking about Apple's Touch ID? Hell, every Android device itself is a huge security threat, thanks in no small part to their malware infested store.

 

I also read that Blackberry couldn't release BBM (and had to delay it) because there was a crapload of fake BBM's on the Google store? 

 

If I was looking for the least secure platform around, running the shittiest and most lag ridden OS around, running on huge, ridiculous looking clown phones made for posers and poor people, I'd certainly choose Android without any doubt.

post #11 of 25
Google might pull it. Not for the copyright or security issues but for the lack of google ads.
post #12 of 25
That's open source for ya!
post #13 of 25
So it does connect to Apple servers?? Strange stuff and certainly looks unsavory.

EDIT: Reviewers say it collects Apple ID's?
"The contacts import only imports phone numbers of people who have iPhones not the rest. So you can't use it as your main message app. Plus I can't seem to message with people who have iPods only. Plus I live in Canada and no US iphones contacts imported. Also I think it depends how the iPhone user setup their iMessage."

Yup, needs to go!

EDIT2: Appears Google is blocking any further installs? Apparently attempts to download it get "This app is incompatible with all of your devices".

Just tried it for myself on a Nexus 7 and that's what I see too.
Edited by Gatorguy - 9/24/13 at 10:36am
melior diabolus quem scies
Reply
melior diabolus quem scies
Reply
post #14 of 25

HAHA! And what was that I recently saw Fandroids posting that Google doesn't allow apps like this into Google Play, and that if they do make it in, they are immediately pulled? 10,000-50,000 downloads already and Google has yet to lift a finger?

 

I guess all those reports by anti-virus companies and security agencies warning of the malware threats on Android were 100% justified!

post #15 of 25
Don't see anything wrong with this at all. Their server is a mac which has access to the OS X Messaging framework, which they must have used to register multiple accounts. So the android app sends the message to their OS X server which then sends it on to Apple. Similarly when a message is received by OS X it forwards it on to the users device. The only risk would be if they are storing the login information and not just the sign on tokens but thats the same worry with any 3rd party multi protocol messaging app and people were using Adium for years without a care.
post #16 of 25
Quote:
Originally Posted by indiekiduk View Post

Don't see anything wrong with this at all. Their server is a mac which has access to the OS X Messaging framework, which they must have used to register multiple accounts. So the android app sends the message to their OS X server which then sends it on to Apple. Similarly when a message is received by OS X it forwards it on to the users device. The only risk would be if they are storing the login information and not just the sign on tokens but thats the same worry with any 3rd party multi protocol messaging app and people were using Adium for years without a care.

Are you serious, or just trolling? Did you not read the tidbit about the app having permissions to install new .apk binaries in the background without user consent? This is straight-up MALWARE/VIRUS material, and you're condoning it?

 

Fine, you're Android, the land of the clueless, enjoy the app, and all the trash it sideloads onto your device.

post #17 of 25

Plenty of iOS 7 envy among Android users.  But not to worry.

Plenty of fake iOS 7 apps and wallpapers on Google Play:

 

https://play.google.com/store/search?q=ios+7&c=apps

Sent from my iPhone Simulator

Reply

Sent from my iPhone Simulator

Reply
post #18 of 25

Its officially been pulled from the Google Play Store

 

https://play.google.com/store/apps/details?id=com.huluwa.imessage

post #19 of 25
Well hey, Android fanboys enjoy their not so restricted OS and find their peepee pics on some Chinese server...lol.
post #20 of 25
Quote:
Originally Posted by Apple ][ View Post
 

I advise all Fandroids to immediately install this app, I hear that it's awesome, and I can highly recommend it.

 

It'll fit right in with all of the other malware found on Android.

 

And ignorant Fandroids are talking about Apple's Touch ID? Hell, every Android device itself is a huge security threat, thanks in no small part to their malware infested store.

 

I also read that Blackberry couldn't release BBM (and had to delay it) because there was a crapload of fake BBM's on the Google store? 

 

If I was looking for the least secure platform around, running the shittiest and most lag ridden OS around, running on huge, ridiculous looking clown phones made for posers and poor people, I'd certainly choose Android without any doubt.

 

I think it's great that you finally saw the light and endorse Android for all the wonderful "open" things it allows the user - and stealthy developers to do... I especially love the picture of a shitcan used as the logo.  It seems fitting for such a well-received OS. ;)


Edited by sflocal - 9/24/13 at 11:41am
post #21 of 25
Quote:
Originally Posted by Mac Voyer View Post
 

 

On what basis? Copyright or trademark infringement? That it is unsavory and sleazy? Tell me, what part of the Android values system does this violate. As near as I can tell, there is no Android values system. 

 

Are you joking?  IMESSAGE is a registered trademark of Apple, Inc.  No one can sell a product in that space by that name.

 

At least make an attempt before posting. Less than 5 seconds (1 easy search) found this, with a picture of the certificate and everything:

  http://www.patentlyapple.com/patently-apple/2012/11/apples-imessage-is-now-a-registered-trademark.html

No Matte == No Sale :-(
Reply
No Matte == No Sale :-(
Reply
post #22 of 25
Quote:
Originally Posted by Blah64 View Post

Are you joking?  IMESSAGE is a registered trademark of Apple, Inc.  No one can sell a product in that space by that name.

At least make an attempt before posting. Less than 5 seconds (1 easy search) found this, with a picture of the certificate and everything:
  http://www.patentlyapple.com/patently-apple/2012/11/apples-imessage-is-now-a-registered-trademark.html

He's saying Android is like the Wild West. Anything goes.
post #23 of 25
Originally Posted by Mac Voyer View Post

On what basis?

 

Guess you’d be okay making an incorporated computer company and calling it “Apple”, then. Have at it! Tell us what being homeless is like.

Originally Posted by Marvin

The only thing more insecure than Android’s OS is its userbase.
Reply

Originally Posted by Marvin

The only thing more insecure than Android’s OS is its userbase.
Reply
post #24 of 25
Quote:
Originally Posted by jungmark View Post


He's saying Android is like the Wild West. Anything goes.

 

Ridiculous (if that's really what he thinks; you may be correct, but you're speculating).  The Android app market is indeed the wild west, which is why I would never consider using an Android device even if it was 100% free forever.  But Google is a U.S.-based company, and they do not get to skirt Trademark law.  I'm sure that's why it's been pulled from the store.

No Matte == No Sale :-(
Reply
No Matte == No Sale :-(
Reply
post #25 of 25
Does this seem of a sign of "hacker" and or "liar"
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: iPhone
  • Fake iMessage app for Android spoofs Mac mini, routes chats through China [u]
AppleInsider › Forums › Mobile › iPhone › Fake iMessage app for Android spoofs Mac mini, routes chats through China [u]