Symantec has identified a series of apps in the Google Play app store that could be stealing Japanese Android users’ personal information, including their contacts’ information. The apps come with a “the Movie” tacked onto the end of their names, but many don’t share that name when installed onto a user’s phone. The apps ask permission for full internet access and the ability to read contact data. When the apps are opened, they appear to download videos, but they also use the phone’s data connection to connect to an external server where contact information is uploaded.
A person or persons has been listing these apps since February. They all share a common code base, and Symantec has identified 29 suspicious apps so far. Joji Hamada writes at the Symantec blog:
Originally the apps posted were not game related, but were random ones including apps of an erotic nature, a contact management app, a recipe app, and a diet assistant app to name a few. But the number of downloads were low. Then in late March, a bunch of apps with names ending in “the Movie” were released. These apps caught the attention of a large number of users who installed them.
It is unknown what use the information being stolen will be put to, but a criminal with email addresses, phone numbers, and physical addresses of thousands of users can be sure to find a nefarious purpose for them, or at least a buyer for the info. Though these malware apps are confined to Japanese Android users, Android users elsewhere should still be on their guard. Mobile attacks are on the rise, and just last week a fake Angry Birds Space malware app was discovered. Compared to Apple’s App Store, Google’s Play is very lax about the types of and amount of apps it accepts. Know what an app is before you download it, and look through the permissions the program asks for.
Have a story of suspicious Android Apps or an infected smartphone? Let me know in the comment section below.