The practice is most prevalent in Asian countries

Feb 13, 2015 13:15 GMT

Malicious apps designed for extortion purposes against Android users have become more prevalent in recent months, as researchers catch several dozen new samples.

The extortion scam has a simple pattern and relies heavily on social engineering, as the crooks try to trick the victim into an exchange of content, sexual in nature, only to issue a threat that the data would be shared with the victim’s contacts.

Hundreds of dollars may be demanded by the attackers

An attacker searches for stooges on a social network by sending out messages that appear to be from an attractive person of the opposite gender. As the “relationship” develops, crooks start asking for private videos or images.

If the victim agrees, the next step is to convince them to install an app under a pretext related to the established type of interaction. However, the software is malicious and is designed to scour the mobile device in search of explicit content and personal information.

Joji Hamada of Symantec says that the phone number of the victim and the entire list of contacts are among the details exfiltrated by the malware to the crook’s server. The purpose of this is to gain leverage against the victim when making the threat, as the extortionists can rely on a host of recipients that know the victim, thus increasing the pressure.

In the last stage of the attack, the crooks make their financial demand, and in most cases, the victims pay. Hamada says that this nefarious business can sometimes cause the victim hundreds and even thousands of dollars in losses.

Permissions of the app should fit its purpose

This type of scam is more widespread in Asian countries, with users in South Korea and Japan being the most targeted.

The researcher says that the code of the malware is always the same, but there are differences in the address used for retrieving the personal information.

“Symantec has recently observed the following applications used in variants of this attack. English translations of the name of the apps include My Gallery, My Blog, Photobook, Online Chat, and Text-to-speech,” says a blog post from Hamada published on Thursday.

One way to avoid leaking personal data when an unknown individual recommends adding a specific app to your Android device is to check the app's list of permissions. Anything that looks out of place is a reason for concern. For instance, a game does not need to be able to make calls or to access the list of contacts.
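
The permission check described above can be scripted. The following is an added example, not code from the article or from Symantec: it parses permission lines in the format printed by `aapt dump permissions` and flags sensitive permissions that do not fit the app's stated purpose. The `EXPECTED` baseline, the purpose labels and the sample dump are assumptions constructed for illustration.

```python
import re

# Sensitive permissions and the data or capability each one exposes.
SENSITIVE = {
    "READ_CONTACTS": "contact list",
    "READ_PHONE_STATE": "phone number and device identifiers",
    "READ_SMS": "text messages",
    "CALL_PHONE": "placing calls",
    "READ_EXTERNAL_STORAGE": "photos and videos on shared storage",
}

# Assumed baseline: sensitive permissions each stated purpose can justify.
EXPECTED = {
    "gallery": {"READ_EXTERNAL_STORAGE"},
    "chat": {"READ_CONTACTS", "READ_EXTERNAL_STORAGE"},
    "game": set(),
}

# Matches both aapt output styles:
#   uses-permission: name='android.permission.X'
#   uses-permission: android.permission.X
PERM_RE = re.compile(
    r"^uses-permission(?:-sdk-\d+)?:\s*(?:name=')?android\.permission\.([A-Z_]+)"
)

def parse_permissions(dump):
    """Return the set of android.permission.* names requested in the dump."""
    matches = (PERM_RE.match(line.strip()) for line in dump.splitlines())
    return {m.group(1) for m in matches if m}

def review(dump, purpose):
    """Flag sensitive permissions that the stated purpose does not justify."""
    perms = parse_permissions(dump)
    allowed = EXPECTED.get(purpose, set())  # unknown purpose justifies nothing
    unexpected = sorted((perms & set(SENSITIVE)) - allowed)
    # With INTERNET also granted, whatever the app reads can leave the device.
    return {"unexpected": unexpected, "can_upload": "INTERNET" in perms}

# Constructed sample: an app presenting itself as a photo gallery.
SAMPLE_DUMP = """package: com.example.gallery
uses-permission: name='android.permission.INTERNET'
uses-permission: name='android.permission.READ_CONTACTS'
uses-permission: name='android.permission.READ_PHONE_STATE'
uses-permission: name='android.permission.READ_EXTERNAL_STORAGE'
"""

if __name__ == "__main__":
    result = review(SAMPLE_DUMP, "gallery")
    for perm in result["unexpected"]:
        print(f"{perm}: exposes {SENSITIVE[perm]}, not needed for a gallery app")
    print("network access requested:", result["can_upload"])
```
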