14 DAY TRIAL // On Monday, we learned about a malicious Infrared X-Ray Android app targeting users from Japan. Symantec has continued to investigate Android.Uracto, the malware that’s hidden in the application, and has found additional apps masquerading it.
A total of 10 new apps have been discovered, being advertised as video game emulators, adult video viewers, fortune teller apps, and celebrity gossip apps.
Experts say that the malicious applications fall into three categories: ones that simply steal contact data from the infected device, ones that steal the contacts and send them SMSs to advertise the applications, and ones that steal contacts and try to convince users to pay for fake services.
For the time being, it’s uncertain how internauts are lured to the sites hosting these apps, but researchers believe the cybercriminals might be using spam messages.
Another noteworthy fact is that Uracto shares common code with Android.Enesoluty and Android.Maistealer, both pieces of malware being designed to target Japanese users.
Experts say that the malicious apps are either created by the same group, or the same malware developer has been hired by two different criminal organizations.