BreachExchange mailing list archives
5 held over apps that stole smartphone info
From: security curmudgeon <jericho () attrition org>
Date: Thu, 1 Nov 2012 12:04:50 -0500 (CDT)
---------- Forwarded message ---------- From: InfoSec News <alerts () infosecnews org> http://www.yomiuri.co.jp/dy/national/T121030003585.htm The Yomiuri Shimbun Oct. 31, 2012 Five people, including the owner of an information technology-related company, were arrested Tuesday on suspicion of providing a virus built into smartphone applications that stole more than 10 million pieces of personal information from users' address books. The Metropolitan Police Department said about 90,000 people's smartphones were infected with a virus lurking in applications they downloaded. According to the MPD, this is the first case established to deal with such a large information theft in Japan. Investigative sources said a man who runs an IT-related company allegedly created video applications for Android smartphones containing a virus that extracts personal information stored on the phone. In collusion with a woman who is the former president of another Tokyo-based IT-related firm, the man released the apps on Google Inc.'s official store for free in late March. He is suspected to have had the malicious apps transmit personal information, including telephone numbers and e-mail addresses, to an external server. [...] _______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://datalossdb.org/mailing_list Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) Risk Based Security equips organizations with security intelligence, risk management services and on-demand security solutions to establish customized risk-based programs to address information security and compliance challenges. Tenable Network Security (http://www.tenable.com/) Tenable Network Security provides a suite of solutions which unify real-time vulnerability, event and compliance monitoring into a single, role-based, interface for administrators, auditors and risk managers to evaluate, communicate and report needed information for effective decision making and systems management.
Current thread:
- 5 held over apps that stole smartphone info security curmudgeon (Nov 02)