First thing first, it’s not because of Android, rather this whole mess is due to HTC, which thought of logging various information, such as email addresses, SMS data, location, phone numbers, system logs and more on smartphones.
In it’s latest devices, such as EVO 3D, EVO 4G, Sensation and Thunderbolt, HTC is criticized for logging plentiful of user data – which is now exposed with any application that has network access.
A team at AndroidPolice has discovered that updates for latest HTC phones can collect and store data, which is good in way, but extremely dangerous as anyone can write an application to access the data.
In short, any data in your phone can be made available to potential exploiters who can use it their way. Another tragedy is that there’s no way of recognizing such applications which can exploit your personal data.
For instance, a innocent looking game that apparently accesses internet to post your top scores can be accessing your private data and posting it back to the exploiter.
How to Avoid:
To get rid of this vulnerability you must root your device, in order to remove Htcloggers (you can find it at /system/app/HtcLoggers.apk).
Stay safe and don’t download suspicious apps. Of course, even quality-looking apps can silently capture and send off this data, but the chance of that is lower.
For further reading