An information-stealing piece of Android malware that is currently being used in a campaign aimed specifically at female Japanese users has been spotted by Symantec researchers.
It all starts with emails offering instructions on how to make easy money online or offering the option of being introduced to wealthy men.
In the former example, the malware is hosted on the site to which the link in the email points, while in the latter a click on the link included in the email triggers the automatic download of a bogus app containing the Trojan.
Interestingly enough, the app is titled “Will you win?” and it doesn’t even appear to have anything to do with earning money online or meeting wealthy men.
“If the app is installed and launched, it counts down from two to zero and then states that the user has lost. The app is programmed to lose every time, although there is nothing to either lose or win,” the researchers point out.
Still, the victims do lose something, as the contact details stored on their device and their phone number get harvested and sent to the malicious individuals behind the bogus app. This information will later be sold to other spammers or used by this same group, possibly to lure users to dating service sites.
As the researchers point out, the sheer number of similar scams makes it difficult for users to spot them all, but here are a few good rules of thumb: don’t follow links embedded in emails received from people you don’t know, and review the permissions an app asks for closely and carefully.