A malware-infected Android app that scammed users out of 20 million yen (Â£160,740) lead to the arrest of six men in Tokyo. Posing as a video playback app, the malware affected 9,252 users who visited an adult site believed to have been created to deliver the virus.
Two IT executives were involved in the scam and the six-man operation was dismantled shortly after officials started investigating. Once installed, the app displayed a message insisting on a 99,800 yen (Â£803) payment for it to be discontinued.
Rebooting or shutting down the device had little to no effect as the virus kept nagging the users for payment even while the phone was turned off, said the Metropolitan Police Department. Itâ€™s believed that personal data was also collected and stored on a remote server, to be used for nefarious purposes later.
The idea behind the scam and virus implementation came from 27-year old Kazunori Makita, of Edogawa Ward, while 45-year old Chitoru Manago, of Shingu ran the company behind the adult website. As Japanâ€™s first case involving the distribution of an Android malware, the Metropolitan Police Department will probably keep investigating future malware scams as well.
Infected Android apps raise serious BYOD security concerns as most devices are used in corporate networks for accessing classified or otherwise restricted and confidential information. As pointed out by our E-Threat Landscape Report for Q1 2012, Android threats have grown considerably and IT managers need to enforce tighter scrutiny on BYOD devices.