Spammers getting cheeky with "X-Ray vision" apps
Spammers getting cheeky with "X-Ray vision" apps to lure victims
Ever heard of an app that allows X-Ray vision through clothes?
The Symantec Response Team recently monitored a malicious app known as Android.Uracto that sends spam messages by text to phone numbers stored in the device’s Contacts. Recipients are easily tricked because the invitation to download the app is coming from someone they know rather than from an unknown sender.
The link takes the user to a site (shown in the image below) which introduces an app called “Infrared X-Ray” that supposedly allows the user to see through clothes when viewed through the device’s camera and of course also allows pictures to be taken. Not surprisingly the app does not work. However, once executed, details stored in the device’s Contacts are uploaded to a predetermined server.
Further investigations conducted by Symantec have led to the discovery of ten similar apps developed by the same group of spammers. The servers hosting the domains appear to be located in Singapore and in Georgia in the United States.
Though the apps look different in appearance, they
can be categorised into three main variants:
1. Steals data stored in the device’s Contacts.
2. Steals contact details but also sends text messages, containing a link to download the malicious app, to all the contacts.
3. Steals contact details and attempts to scam the victim into paying for fake services.
information is available in the following Symantec Security
Response blog posts:
• Android Malware Spams Victim’s Contacts
• Android.Uracto Used to Trick Mothers, Anime Fans, Gamers, and More
Symantec advises users to refrain from clicking links found in messages such as emails and text messages from unknown senders as well as suspicious messages from known senders. Furthermore, only download apps from trustworthy vendors. Users who have installed one of Symantec’s security apps, Norton Mobile Security or Symantec Mobile Security, are protected from this threat, which is detected as Android.Uracto. For more general safety tips for smartphones and tablets, please visit our Mobile Security website.
To stay updated on cyber security threats such as the above, follow us at @SymantecASEAN.