Symantec’s security response division recently discovered a malicious application called Android.Uracto, to trick people into being able to see through clothes.
The application sends junk messages to phone numbers stored in the contacts of a mobile device. Recipients will be easily fooled because this spam message invites them to download an application from someone they know instead of it being sent from a stranger.
The website that the link in that message redirects users to (shown as the picture below) will introduce an app called “Infrared rays” (Infrared X-Ray), allows users to see through other people’s clothes when they look through the device’s camera and of course it also allows them to take pictures.
See-through apps do not work, but when running the application, the contact details stored in the device’s contacts will be uploaded to a predefined server.
Symantec conducted further research and found up to 10 similar applications developed by the same fraud group. Domain name servers of phishing websites are located in Singapore and in the US state of Georgia.
Symantec recommends that users be careful not to click on links contained in SMS or email messages of unknown senders, or in suspicious messages sent from acquaintances. In addition, you should only download applications from reputable vendors. To avoid such threats, users can install security applications such as Norton Mobile Security or Symantec Mobile Security.