U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Malware

Malicious apps spread via Google Store packaged with premium SMS scam

PandaLabs has found at least four free apps in the official Google Play store that are packaged with a premium SMS scam. Already 300000 mobile infected. PandaLabs security firm has identified malicious Android apps available on Google Play that can sign up users for premium SMS subscription services without user knowledge.  The malware has infected at least 300,000 Android devices, although the number of […]

Malicious apps spread via Google Store packaged with premium SMS scam

PandaLabs has found at least four free apps in the official Google Play store that are packaged with a premium SMS scam. Already 300000 mobile infected.

PandaLabs security firm has identified malicious Android apps available on Google Play that can sign up users for premium SMS subscription services without user knowledge.  The malware has infected at least 300,000 Android devices, although the number of downloads could have reached 1,200,000.

The security firm identified at least four free apps in the official Google Play store that are packaged with a premium SMS scam, their names are “Abs Diets”, “Cupcake Recipes”, “Easy Hairdos” and “Workout Routines”.
When the “Abs Diet” app has been installed on the user’s device and once victim has accepted the terms and conditions of the service, the application displays a series of suggestions to improve physical fitness and then the app silently search for the phone number of the mobile device, connects to a Web page and signs the victim up to a premium SMS subscription service. 
Very smart is the way the app retrieves the phone number, it steals the number from WhatsApp.

“Without the user knowledge the app will get the phone number of the device, will go to a website and will register it to a premium SMS service. This service require a confirmation to be activated, which means it sends a SMS to that number with a PIN code, which have to be entered back to end the process and start changing you money. This app waits for that specific message, once it arrives it intercepts its arrival, parses it, takes the PIN number and confirm your interest in the service. Then it removes it, no notification is shown in the terminal and the SMS is not shown anywhere. Again, all this is done without the user knowledge.” states the PandaLabs blog post.

android malware SMS

 

The experts at Panda Labs estimated that the average each victim gets charged by these apps is $20 and considering that overall number of downloads is between 300,000 and 1,200,000, this means that the cyber criminals could have made between $6 million and $24 million.

It’s not the first time that a malware is served via Google Play store, in the past popular banking trojan like Carberp has been spread through the official channel.

Be careful to what you install on your mobile and evaluate the permissions apps need to be installed, they could allow malicious code to cause serious problems.

Pierluigi Paganini

(Security Affairs –  Android, SMS)