Symantec Corp. has identified new Android malware hidden in an application featuring the popular Anime character Anaru. If downloaded, the application steals contact data from the victim's device.
The app is not available on Google Play, as far as I am aware of, and is only available on these dedicated websites.
Called Android.Maistealer, the application requests permission to access contact data, a function that shouldn't be required for this type of application, Symantec said. After the installation process, the application provides the service it advertised: It allows a user to use the touchscreen to manipulate Anaru's body.
The Maistealer app is advertised using spam written in Japanese, Symantec's Joji Hamada said. Users are directed to a website that looks like the official Google Play store. "The app is not available on Google Play, as far as I am aware of, and is only available on these dedicated websites," Hamada wrote.
Security firms have shown concern about mobile malware in the last month. Mobile security firm Lookout Inc. warned about the growing prevalence of malicious mobile applications in its State of Mobile Security 2012. McAfee Inc. reported that malware has been on the rise in 2012, and Android devices are the main targets.
Symantec discovered Maistealer in July when the application was in the testing phase. Since then, its makers have made Maistealer fully functional and have developed another way to attack Android users. Symantec also has detected another malicious application from the same group: Android.Enesoluty poses as a fake battery-saver application called EnergyHelper1.
Enesoluty plays on users' dissatisfaction with Android battery life, Symantec says. "Users are tricked into believing that the malicious app is a handy utility that saves battery life or charges the battery by turning the screen into a solar panel," Hamada wrote. "These types of apps have become very popular among Japanese scammers."
This is a common point of attack among Japanese Android scams. Other malware using this approach include Android.Ackposts, Android.Ecobatry, and Android.Sumzand.
Like Maistealer, Enesoluty steals personal information during the installation process. Once it is installed, the app appears to run, then states that it is incompatible with the device.
Symantec advises mobile users to visit established and trusted application markets when they download applications.