Among these applications, erratic type of application using provocative title has emerged.
And found application can steal phone’s information in a common.
In Korea, these mobile malicious applications have not emerged and damaged so far.
Since the scope of using smart phone is getting wider with various functions including financial, transportation, and most of our life. So, users using Android device need special attention about these provocative titled malicious applications.
2. Spreading path and symptoms of infection
This malicious application could be downloaded via Android market though, it has been blocked.
But in case of this kind of malicious application, it can be spread via black market and 3rd party market, it shows permission requirement screen on installation.
Indeed, since this malicious application is spreading with provocative title, it is hard to resist temptation to download and install.
These malicious applications contain permission setting code as following.
After the installation is completed, it requires agreement of suspicious permissions.
After the procedures above, this malicious application prints lascivious photos.
Finally this malicious application can acquire smartphone’s internal information including IMEI/IMSI information, OS version, and installed applications information, and so on with following malicious code.
Based on our analysis, this application can perform malicious functions on changing phone’s status with following malicious code.
3. How to prevent
This kind of provocative malicious application for Android has its own and unique vulnerability to make user want to be clicked and downloaded due to its own lascivious title.
To use smartphone safely from security threats of these malicious applications, we recommend following tips "Smartphone security management tips" for general users.
INCA Internet (Security Response Center / Emergency Response Team) provides diagnosis/treatment function with nProtect Mobile for Android for mobile such as malicious file stated above and runs responding system against various security threats.