Sep 24 AT 12:15 PM Dima Aryeh 21 Comments

iMessage Chat for Android brings functionality, security risk

iMessage Chat

There are quite a few things keeping Apple users in the ecosystem, but a huge feature is iMessage. It’s a cross platform messaging client that only supports Apple platforms, like iOS and OSX. It’s a basic chat client like every other, but the way it integrates into the iOS Messaging app is what draws a lot of people to it. Plus, with so many using it, some don’t want to leave it behind.

In really big news, someone has gotten iMessage to work on Android! There is a big catch though, and that’s a possible security issue. But the app is available for free on the Play Store, and after signing in with your Apple ID, it indeed works and sends iMessages to Apple users.

Someone getting this very closed service working on Android is in itself big news, and I think that’s an awesome achievement. But there is no describing the risk you’d be taking in downloading this app. According to Jay Freeman (better known as famous iOS hacker Saurik), each message is sent through a Chinese server before reaching Apple. All of your messages could be read, saved and even modified without your knowledge.

Also, you’re giving your password to an unofficial app. There isn’t an authentication system through a third party; you’re just giving your ID and password to the developer. I don’t think it needs explaining how potentially dangerous this could be to your security. This is the same ID you use to purchase things with your credit card from iTunes.

We have linked the app for those curious enough to try it, but we simply can’t recommend you download this for any reason. Though nothing has been proven, it might be very unsafe. Still, it’s pretty amazing that iMessage has been modified to work on our favorite mobile operating system. What are your thoughts on the situation? Leave a comment!

 

Update: The app has been pulled. With fooling Apple’s servers, possibly spying on people, and the possibility of running malicious code not ruled out, it seems that either Google or Apple wasn’t happy about this app being available.

Source: Graham Cluley, +Jay Freeman

Dima Aryeh is a Russian obsessed with all things tech. He does photography, is an avid phone modder (who uses an AT&T Galaxy Note II), a heavy gamer (both PC and 360), and an aspiring home mechanic. He is also an avid fan of music, especially power metal.

    Most Tweeted This Week

  • mmitchum

    My thoughts: Why would you hand someone Pandora’s box, tell them not to open it and walk away. Good news story, bad idea providing the link…

    • http://www.androidandme.com Dima Aryeh

      It’s a lot like a hacker finding an exploit and publishing it. It’s building awareness and allowing those who are willing to test it. There will be those users who will download it specifically to decompile it and dig through it.

      • mmitchum

        Good point there. Thanks for the reply.
        #NeverStopLearning

        • Jason L. Gatewood

          Best comment and reply thread ever. I tried to explain this very concept on another site and was met with trolls… I hope one day this entices Apple to offer it to us Android folks… I’d actually pay 99 cents to have iMessage on my Galaxy so I can talk to my iPhone friends…

  • *d.*

    well what if you don’t buy anything or even use itunes? if your only goal was to chat via imessage with your friends, nothing sensitive, what is the risk?

    • androidawg

      Letting a server in a country not known for respecting privacy have complete access to all of the messages to and from your account.

  • A^

    he’s talking to those of us that make purchases through the apple id that most people would tend to imessage on.

  • oto

    Thats way u test with fake id to..

  • asifriyaz

    link is broken

  • Cody Lowenstein

    The apps been pulled

  • ufmace

    Looks like they pulled the app and the developer’s account. Too bad, I probably would have used it. I don’t have any Apple stuff, so I would just create a new ID for messaging only. Who cares if somebody in China is listening to it when the NSA is probably already listening anyways?

    • http://www.androidandme.com Dima Aryeh

      There is a big possibility of the app running malicious code too.

      • Trevor Cameron

        Dima… Keep your eyes on this! I’m curious if someone else will make an .apk that we can sideload, or if anyone breaks down the code and finds anything malicious!

        • http://www.androidandme.com Dima Aryeh

          They’ve already found that it goes through Chinese servers, which is suspicious enough for me not to use it :P but I’ll keep a look out for an alternative source

  • Dave Kratter

    “It’s a cross platform messaging client that only supports Apple platforms, like iOS and OSX.”

    Gotta love that statement.

  • Adam Snyder

    Looks like the app may have been pulled

  • donger

    Wouldn’t trust this app.

  • Brave tester

    I do trust this app.
    First, you can open a new AppleID, so there is ZERO risk about purchases.
    2nd, everything is working, text, emoji, photos.. ruling out a harvesting intention.
    3rd, I have monitored and not seen any suspicious activity. It doesn’t even kill my battery like Kik does!
    4th, the owner’s website clearly show enthusiast (and talented) developers.
    5th, the chinese gov cannot put me in jail, the NSA/FBI/IRS CAN
    6th, I can now message all those pretty girls from usa with my $60 china made android gingerbread hahaha

    So instead of talking negatively why don’t you recognize the awesome feat from that Hu guy, doing what no americunt hacker has done AND focus on how much Apple has always screwed you, lied about the security in their “made in china” iPhones?

  • honourbound68

    it’s a shame that there is iMessage is closed. I’ve been trying to get my kids to use Hangouts for messaging me (they have iPads and I obviously have an Android phone). unfortunately for me, all their friends, cousins and my ex all use iPhone or iPads so my kids default to using iMessage. I hate that I have to keep my tethering on all day so I can receive their messages on my ipod touch and I refuse to get an iPhone. If ONLY this app were legit and safe, I’d be the first one to buy/use it :(

  1. My thoughts: Why would you hand someone Pandora’s box, tell them not to open it and walk away. Good news story, bad idea providing the link…

    • It’s a lot like a hacker finding an exploit and publishing it. It’s building awareness and allowing those who are willing to test it. There will be those users who will download it specifically to decompile it and dig through it.

      • Good point there. Thanks for the reply.
        #NeverStopLearning

        • Jason L. GatewoodGuest 2 years ago

          Best comment and reply thread ever. I tried to explain this very concept on another site and was met with trolls… I hope one day this entices Apple to offer it to us Android folks… I’d actually pay 99 cents to have iMessage on my Galaxy so I can talk to my iPhone friends…

  2. *d.*Guest 2 years ago

    well what if you don’t buy anything or even use itunes? if your only goal was to chat via imessage with your friends, nothing sensitive, what is the risk?

  3. A^Guest 2 years ago

    he’s talking to those of us that make purchases through the apple id that most people would tend to imessage on.

  4. otoGuest 2 years ago

    Thats way u test with fake id to..

  5. Cody LowensteinGuest 2 years ago

    The apps been pulled

  6. Looks like they pulled the app and the developer’s account. Too bad, I probably would have used it. I don’t have any Apple stuff, so I would just create a new ID for messaging only. Who cares if somebody in China is listening to it when the NSA is probably already listening anyways?

  7. “It’s a cross platform messaging client that only supports Apple platforms, like iOS and OSX.”

    Gotta love that statement.

  8. Looks like the app may have been pulled

  9. Wouldn’t trust this app.

  10. Brave testerGuest 2 years ago

    I do trust this app.
    First, you can open a new AppleID, so there is ZERO risk about purchases.
    2nd, everything is working, text, emoji, photos.. ruling out a harvesting intention.
    3rd, I have monitored and not seen any suspicious activity. It doesn’t even kill my battery like Kik does!
    4th, the owner’s website clearly show enthusiast (and talented) developers.
    5th, the chinese gov cannot put me in jail, the NSA/FBI/IRS CAN
    6th, I can now message all those pretty girls from usa with my $60 china made android gingerbread hahaha

    So instead of talking negatively why don’t you recognize the awesome feat from that Hu guy, doing what no americunt hacker has done AND focus on how much Apple has always screwed you, lied about the security in their “made in china” iPhones?

  11. it’s a shame that there is iMessage is closed. I’ve been trying to get my kids to use Hangouts for messaging me (they have iPads and I obviously have an Android phone). unfortunately for me, all their friends, cousins and my ex all use iPhone or iPads so my kids default to using iMessage. I hate that I have to keep my tethering on all day so I can receive their messages on my ipod touch and I refuse to get an iPhone. If ONLY this app were legit and safe, I’d be the first one to buy/use it :(