Researchers are already warning that malware authors developing more sophisticated attack techniques for mobile devices, using encryption and randomization or hiding malicious code in image files.
As analyzed by Symantec a malicious Infrared X-Ray Android application, attempting to lure Android device owners to download an app that supposedly allows the camera on the device to see through clothes.
This malware app is spreading quickly widely in Japan by sending the spam messages via SMS to phone numbers stored in the device’s Contacts, so that the recipients of the spam to be tricked easier because the invitation to download the app is coming from someone they know rather than from an unknown sender.
The app is designed to steals all details in the device's contact list and are uploaded to a predetermined server.
Symantec confirmed that there are several variants of this app exist, "..the latest variants have added an interesting payload: rather than sending SMS messages to the victim’s friends and family, the ultimate goal is to scam the victim with something similar to what is called one-click fraud in Japan" Hamada said on blog.
Moreover, in order to make it difficult for the victim to uninstall the app, it removes itself from the launcher after it is initially executed, although it can be removed in Applications under Settings.
Researchers suggest to refrain from clicking links found in messages such as emails and SMS messages from unknown senders as well as suspicious messages from known senders.