Over the past months, Japanese authorities have managed to arrest the members of several cybercriminal organizations responsible for the creation and distribution of pieces of malware that target Android users.
However, according to researchers from Symantec, Android malware continues to thrive in Japan.
On one hand, some of the apprehended cybercriminals were set free after prosecutors failed to find evidence against them.
For instance, the creators of Android.Dougalek – installed by unsuspecting users around 90,000 times – were set free after they argued that their apps requested permission to read contact data, making their activities legal.
Now, there’s a new group that’s busy sending out spam emails in an attempt to convince users to install applications that contain the Android.Enesoluty malware.
The shady emails sent out by the crooks appear as if they come from Android App Magazine or Smart Magazine in order to make them legitimate looking.
Several applications have been found to hide Enesoluty, including ones that should improve battery life and phone reception, antivirus apps, and entertainment applications.
Once it finds itself on a phone, the malware harvests contact details and uploads them to a remote server. The collected email addresses are then utilized to spam their owners with pharmaceutical products, dating services, and other shady sites.
Enesoluty isn’t the only Android malware currently doing the rounds in Japan. Experts say that sites hosting Android.Loozfon and Android.Ecobatry are still accessible.
Interestingly, the Sumzand malware, which has been known to be one of the most prevalent in Japan, has faded away for some unknown reason.
Users (not only ones from Japan) are advised never to install applications that originate from untrusted sources. Furthermore, they’re recommended to refrain from clicking on links that arrive in unsolicited emails.
Finally, a mobile security application is highly recommended, since it can keep them out of trouble in many cases.