Android Video App Steals Contacts List


A Trojan found in video applications on the Google Play market has affected at least 70,000 users, McAfee has warned

Tens of thousands of Android users have been affected by a Trojan horse that steals sensitive information from handsets, security firm McAfee warned on Friday.

The Trojan appeared on the official Google Play market and was aimed at Japanese-language users. McAfee said it has found more than a dozen variants of the Trojan.

Privacy risk

“So far we have discovered 15 applications from two developers that, according to Google Play statistics, have been downloaded by at least 70,000 users,” wrote McAfee researcher Carlos Castillo in a blog post. “Due to the privacy risk that these applications represent to Android customers, all of them have been removed from the market.”

The Trojan promises to display trailers of upcoming Android video games, animation or adult videos downloaded from the Internet, but first makes two unusual requests for permissions: “read contact data” and “read phone state and identity”, Castillo said.

“Neither is needed for the principal purpose of the application, which is to display a video from the Internet,” Castillo wrote.

The Trojan harvests three pieces of sensitive data from the handset: the Android ID (a 64-bit random number that uniquely identifies each device), the device’s phone number, and the handset’s contact list, including names, telephone numbers and emails.

Caution

While this operation is carried out, the user is shown a “loading” message. If the data is successfully harvested, the application downloads a video and displays it. If not, the device displays an error message in Japanese.

McAfee warned users to exercise caution when downloading applications from the Google Play market.

“Users should verify in the Google Play market prior to installation that the application does not request permission to perform actions not related to its purpose,” Castillo wrote.
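The same check can be automated against an app's decoded manifest. The following is an added example, not code from McAfee or from the original article: it compares the permissions an app requests with a baseline for its stated purpose and flags the two requests Castillo describes. The baseline set, the package name and the sample manifest are constructed assumptions.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Assumed baseline of permissions an app purpose plausibly needs (illustrative only).
EXPECTED = {
    "video_player": {"android.permission.INTERNET",
                     "android.permission.ACCESS_NETWORK_STATE",
                     "android.permission.WAKE_LOCK"},
}

# Permissions that expose the data the article says was harvested.
SENSITIVE = {
    "android.permission.READ_CONTACTS": "contact list (names, numbers, emails)",
    "android.permission.READ_PHONE_STATE": "phone number and device identity",
}

# Constructed sample manifest (decoded XML) modelled on the two requests in the article.
SAMPLE_MANIFEST = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.trailerviewer">
    <uses-permission android:name="android.permission.INTERNET"/>
    <uses-permission android:name="android.permission.READ_CONTACTS"/>
    <uses-permission android:name="android.permission.READ_PHONE_STATE"/>
    <application android:label="Trailer Viewer"/>
</manifest>"""


def requested_permissions(manifest_xml):
    """Return the set of permission names declared via <uses-permission>."""
    root = ET.fromstring(manifest_xml.strip())
    names = (el.get(ANDROID_NS + "name") for el in root.iter("uses-permission"))
    return {name for name in names if name}


def audit(manifest_xml, purpose):
    """List requested permissions outside the purpose baseline, sensitive ones first."""
    extra = requested_permissions(manifest_xml) - EXPECTED[purpose]
    findings = [(p, SENSITIVE.get(p, "not in baseline")) for p in extra]
    return sorted(findings, key=lambda f: (f[0] not in SENSITIVE, f[0]))


if __name__ == "__main__":
    for perm, reason in audit(SAMPLE_MANIFEST, "video_player"):
        print(f"UNEXPECTED {perm}: {reason}")
```
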

Google launched Google Play last month, combining Android Market, Google Music and the Google eBookstore. The company has rebranded videos, books and music apps as “Google Play Movies, Google Play Books and Google Play Music apps”. Google says some 450,000 Android apps and games are available for download, compared with Apple’s App Store, which offers more than 550,000 apps for the iPhone, iPad and iPod Touch.

Malicious code has been a constant problem for the Android platform. Malware targeting Android grew by 3325 percent in the last seven months of 2011, more than for any other platform, according to Juniper’s 2011 Mobile Threat Report.

Android malware accounted for about 46.7 percent of unique malware samples that targeted mobile platforms, followed by 41 percent for Java Mobile Edition.
