There have been reports that the HTC Sensation 4G, HTC EVO 3D HTC ThunderBolt and myTouch 4G Slide that could allow hackers to access user information through the HTCLogger.apk. It is not clear if the HTC Rhyme or HTC Status are effected.
The threat is being investigated by HTC and has not been known to cause any major threat, yet.
Please note the recent update to Android 2.3 for the HTC ThunderBolt that has been suspended does not address this security flaw.
HTCLogger allows any app that has access to android.permission.INTERNET on devices to see:
- How long you use apps.
- Phone identity information Radio/logcat/event logs.
- IP addresses.
- Mobile network.
- Wi-Fi.
- Bluetooth.
- GPS location.
All it needs is permission Internet which many market apps use.
HTC stated, "HTC takes our customers' security very seriously, and we are working to investigate this claim as quickly as possible. We will provide an update as soon as we're able to determine the accuracy of the claim and what steps, if any, need to be taken."
HTC is expected to release the HTC Vigor or HTC Rezound and HTC Holiday/Raider in the fall.