Users of the Google Play marketplace in Japan appeared to be the target of the Trojan which access personal information of users as it displays the videos to users. The discovery of the Trojan on the Google Play marketplace was revealed recently through a blog post of McAfee. The antivirus company added that the malware was detected as Android/DougaLeaker.A.
A total of fifteen of these malicious applications coming from two developers were found on the Google Play marketplace.
The applications with the Trojan would offer and provide trailers of unreleased Japanese video games or video clips that have an adult-oriented or anime theme. However it would also request permission from users to read contact data as well as read phone identity and state before they can be downloaded by users from the Google Play marketplace.
Once the permission is given by the user, the Trojan would access the Android ID of the user instead of the IMEI code. The Trojan would then access the phone number of the user along with the contact lust include all the names, phone numbers, and email addresses of the contacts of the user.
A loading message would be displayed by the app as it collects the data from the user. At times the video will play after the data is accessed while in other cases an error message would be displayed. According to the post of McAfee, around 70,000 users downloaded the malicious apps from the Google Play marketplace although the apps were already removed.
McAfee has advices users of the Google Play marketplace to be certain that the apps that they aim to download are not asking for inappropriate permission from them.