Security experts and Kakao are warning users of the KakaoTalk instant messaging app about Trojanized and fake apps that leverage the application’s popularity.
Trend Micro experts have come across a Trojanized version of KakaoTalk that’s designed to harvest contact information, text messages and phone settings.
Cybercriminals took a legitimate version of the app and added malicious code to it. Unlike the genuine application, the Trojanized KakaoTalk (ANDROIDOS_ANALITYFTP.A) asks for a large number of permissions when it’s installed.
This particular threat has been distributed via email.
However, this is not the only malicious element that leverages the KakaoTalk brand. Around a month ago, Kakao warned users about a so-called KakaoTalk Security Plugin designed to send spam text messages to all contacts.
In this case, the bogus security plugin was distributed via a hacked Google Play developer account.
A redirector app was uploaded to the compromised developer account. This redirector was set up to serve ads that led to various applications, including the fake security plugin.