Download our in-depth report: The Ultimate Guide to IT Security Vendors
The app, which is distributed via spam containing a link to the app page, includes an end user license agreement (EULA) generously acknowledging that the app may upload the user's personal information.
Previous versions of Android.Enesoluty, which was first discovered in September of 2012, were disguised as battery savers, reception improvers or security apps -- this one appears to start loading a game, then states that it's attempting to connect to the game server. It then asks the user to check network connectivity, while it uploads the victim's address book to a remote server.
While malware specifically targets Japanese users, the researchers note that there are many lessons to be learned here. "When looking for apps, Symantec recommends downloading them only from trusted sources," writes Symantec's Joji Hamada. "Think twice before clicking on links in emails and SMS messages that are trying to persuade you to download apps, and install a security app ... on your device."