News

Android malware uses Anime character Anaru to entice users

Moriah Sargent, Contributor

Symantec Corp. has identified new Android malware hidden in an application featuring the popular Anime character Anaru. If downloaded, the application steals contact data from the victim's device.

    Requires Free Membership to View

The app is not available on Google Play, as far as I am aware of, and is only available on these dedicated websites.

Joji Hamada,
Symantec Corp.

Called Android.Maistealer, the application requests permission to access contact data, a function that shouldn't be required for this type of application, Symantec said. After the installation process, the application provides the service it advertised: It allows a user to use the touchscreen to manipulate Anaru's body.

The Maistealer app is advertised using spam written in Japanese, Symantec's Joji Hamada said. Users are directed to a website that looks like the official Google Play store. "The app is not available on Google Play, as far as I am aware of, and is only available on these dedicated websites," Hamada wrote.

Security firms have shown concern about mobile malware in the last month. Mobile security firm Lookout Inc. warned about the growing prevalence of malicious mobile applications in its State of Mobile Security 2012. McAfee Inc. reported that malware has been on the rise in 2012, and Android devices are the main targets.

Symantec discovered Maistealer in July when the application was in the testing phase. Since then, its makers have made Maistealer fully functional and have developed another way to attack Android users. Symantec also has detected another malicious application from the same group: Android.Enesoluty poses as a fake battery-saver application called EnergyHelper1.

Enesoluty plays on users' dissatisfaction with Android battery life, Symantec says. "Users are tricked into believing that the malicious app is a handy utility that saves battery life or charges the battery by turning the screen into a solar panel," Hamada wrote. "These types of apps have become very popular among Japanese scammers."

This is a common point of attack among Japanese Android scams. Other malware using this approach include Android.Ackposts, Android.Ecobatry, and Android.Sumzand.

Like Maistealer, Enesoluty steals personal information during the installation process. Once it is installed, the app appears to run, then states that it is incompatible with the device.

Symantec advises mobile users to visit established and trusted application markets when they download applications.


There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: