Apparently, it steals your phone's unique identifier and contact data.
In this case, the app gathers the Android ID - not the IMEI code that can uniquely identify the device, but the 64-bit number that is randomly generated on the device's first boot and remains with it for the life of the device. The app also harvests the phone's phone number and contact list, along with every name, phone number, and email of every person in the contact list.
Engine - Thanks for posting this. I was talking with a client the other day and he had downloaded an app from a website for his droid. The app was no longer available on the market/play. As he was telling me about it he began to realize that might not have been a good thing to do.
I wonder if the standard anti malware apps for the droid would catch this or not?