Scoop has an Ethical Paywall
Licence needed for work use Learn More

Video | Agriculture | Confidence | Economy | Energy | Employment | Finance | Media | Property | RBNZ | Science | SOEs | Tax | Technology | Telecoms | Tourism | Transport | Search

 

Spammers getting cheeky with "X-Ray vision" apps

Thursday, 21 March 2013, 9:53 am
Press Release: Symantec

Spammers getting cheeky with "X-Ray vision" apps to lure victims

Ever heard of an app that allows X-Ray vision through clothes?

The Symantec Response Team recently monitored a malicious app known as Android.Uracto that sends spam messages by text to phone numbers stored in the device’s Contacts. Recipients are easily tricked because the invitation to download the app is coming from someone they know rather than from an unknown sender.

The link takes the user to a site (shown in the image below) which introduces an app called “Infrared X-Ray” that supposedly allows the user to see through clothes when viewed through the device’s camera and of course also allows pictures to be taken. Not surprisingly the app does not work. However, once executed, details stored in the device’s Contacts are uploaded to a predetermined server.

Further investigations conducted by Symantec have led to the discovery of ten similar apps developed by the same group of spammers. The servers hosting the domains appear to be located in Singapore and in Georgia in the United States.

Though the apps look different in appearance, they can be categorised into three main variants:
1. Steals data stored in the device’s Contacts.
2. Steals contact details but also sends text messages, containing a link to download the malicious app, to all the contacts.
3. Steals contact details and attempts to scam the victim into paying for fake services.

Advertisement - scroll to continue reading

More information is available in the following Symantec Security Response blog posts:
• Android Malware Spams Victim’s Contacts
• Android.Uracto Used to Trick Mothers, Anime Fans, Gamers, and More

Symantec advises users to refrain from clicking links found in messages such as emails and text messages from unknown senders as well as suspicious messages from known senders. Furthermore, only download apps from trustworthy vendors. Users who have installed one of Symantec’s security apps, Norton Mobile Security or Symantec Mobile Security, are protected from this threat, which is detected as Android.Uracto. For more general safety tips for smartphones and tablets, please visit our Mobile Security website.

To stay updated on cyber security threats such as the above, follow us at @SymantecASEAN.

ends

© Scoop Media

Advertisement - scroll to continue reading

Are you licensed for Scoop?

Scoop is free for personal use, but you’ll need a licence for work use. This is part of our Ethical Paywall and how we fund Scoop without a regular paywall. Join today with plans starting from just $11 per month, and start using Scoop like a Pro.

Join Pro Individual Find out more

Find more from Symantec on InfoPages.
 
 
 
Business Headlines | Sci-Tech Headlines

BUSINESS, SCIENCE & TECH


 
work Join Scoop Pro
 
Submit News
 
person_add Become a Member
 
 
 
 
 

InfoPages News Channels

Inventory Management
 
 

LATEST HEADLINES

  • BUSINESS
  • SCI-TECH
 
 
 

Join Our Free Newsletter

Subscribe to Scoop’s 'The Catch Up' our free weekly newsletter sent to your inbox every Monday with stories from across our network.