During the DefCon Hacker's Convention this year, a company called Spider Labs demonstrated a tool of theirs that can read the emails and SMS messages. The tool was made available to attendees of the conference, and it wouldn't surprise me if it has already made it's way onto the net by now. The hackers/security experts/tool developers said that the purpose of the tool, called a "root-kit", is to pressure Google and or the manufacturers to address the security issues.
According to Reuters, the software took only two weeks to put together which could allows criminals to gain access to others handset and steal the information within:
"There are people who are much more motivated to do these things than we are," he added.
The tool is a so-called root kit that, once installed, allows its developer to gain total control of Android devices, which are being activated by consumers at a rate of about 160,000 units per day, according to Google.
"We could be doing what we want to do and there is no clue that we are there," Percoco said.
TalkAndroid mentions that Spider Labs tested the program on an HTC Desire and an HTC Legend, but Spider Labs expressed their opinion that other Android phones are vulnerable to the attack.
Phandroid notes that there was another serious security flaw last year where "Google, Apple, and other software vendors found themselves pushing out updates within days to fix it. If this is anything like that, then I’m sure Google’s already hard at work to take care of that."
Image from TalkAndroid