You Are Here: Home » E-Threats » Android “InfoStealer” Poses as Japanese Phonebook App

Android “InfoStealer” Poses as Japanese Phonebook App

Bitdefender Labs recently analyzed an Android app that collects geolocation data, device IDs, email addresses and more. Although no longer available in the official store, the app lures users with the promise of access to a comprehensive Japanese database with advanced queries based on name, location and even phone numbers.

While the application looks legit and promises access to a database of 38 million contacts, it also uploads users’ device IDs and other personal data to a remote database.

“National phone book Free” classifies as an InfoStealer Trojan by uploading user data into a MySQL database and grabbing information such as name, phone number, postal code, country, region, city, address, street, email address, latitude, longitude, and IMEI.

The apps’ description does specify that GPS information and address book access is required, but it does not state that this data will be added to the database as well. o

Below is a screenshot where the app checks if the phone is already in the database:

When accessed via browser, the domain hosting the database redirects to a blog on unrelated Android topics.

Here’s what details are collected from your device:

In what at first glance looks like a Japanese version of The Yellow Pages, sensitive and confidential user data is grabbed and stored. Although collecting Android device IDs isn’t considered malicious, it’s only accepted as long as an app legitimately requires it to function.

To stay safe from malware, we strongly recommend the usage of an Android mobile security solution and a close eye on what permissions apps require on installation.

All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.

This article is based on the technical information provided courtesy of Csaba-Zsolt JUHOS, Malware Researcher.

About The Author

Security Researcher

Liviu Arsene is the proud owner of the secret to the fountain of never-ending energy. That’s what’s been helping him work his everything off as a passionate tech news editor for the past couple of years. He is the youngest and most restless member of the Bitdefender writer team and he covers mobile malware and security topics with fervor and a twist. His passions revolve around gadgets and technology, and he’s always ready to write about what’s hot and trendy out there in geek universe.

Number of Entries : 152

Comments (1)

Leave a Comment

© 2012 Powered By Bitdefender

x
Loading...
Scroll to top