Symantec identified 29 apps that, when installed, collected email addresses and phone numbers. All 29 app shared common code and were targeted at Japanese audiences.
The first app appeared in the store as early as February. The first deployment was embedded into a variety of different types of app ranging from contact managers to diet assistance. Proving unpopular, the developers released a second round. The second wave all had titles that ended in “the Movie”, and played a video about popular Japanese video games. These apps were installed an estimated 70,000 to 300,000 times. Essentially, the app would simultaneously download the user requested movie while uploading the user’s contact list to a remote server.
Joji Hamada from Symantec said, “According to Yomiuri Online, the Tokyo Metropolitan Police Department has begun investigating this incident and is attempting to track down the developers.”