McAfee have detected a trojan in the Google Play Store designed for Japanese users who on clicking a preview trailer or downloading anime pornography have their presonal and sensitive information sent to a remote server. McAfee Mobile Security detected the threat as Android/DougaLeaker.A, it said in a blog post.
“When the application is about to be installed, two suspicious permissions – read contact data and read phone state and identity – are requested. Neither is needed for the principal purpose of the application, which is to display a video from the Internet.”
The first request downloads the users Android ID, contact list and phone number.While this data is being collected, the victim is distracted by a loading screen while the video is downloaded. Once the information is obtained, the malicious application sends it to a remote server. The application then requests a video from the same server and projects it to the user’s phone using a Videoview component. This is a gift from the hackers to say thank you for letting them steal your information.
McAfee said that it has so far discovered 15 of these types of applications from two different developers and warned, “Users should verify in the Google Play market prior installation that the application does not request permission to perform actions not related to its purpose.
According to Google Play statistics, over 70,000 users have downloaded these malicious applications. McAfee said that these two malware apps have since been removed from Google Play.
Source: The Inquirer (http://s.tt/19m2B)