A bug in Android smartphones made by HTC exposes users' personal data to any application that requests it.
The bug allows a program that has permission to access the Internet
The affected user data includes email addresses, GPS locations, stored phone numbers and the encoded contents of text messages.
It was not clear as of Sunday whether an intruder would be able to decode the text messages. Banks sometimes use text messages to send one-time passwords for account access, so someone with the ability to intercept and decode that message could compromise a user's bank account.
HTC verified that the flaw exists and said
"Sometimes similarly named apps get into the Android Market," the article said. "If you're downloading what's supposed to be a popular app, and you see that it's only got twenty downloads, you might wanna reconsider."