Android users are Sport Archivesbeing attacked by malware that unwittingly purchases premium subscription services that they did not want or sign up for, according to a blog from Microsoft Security.
In a report from Microsoft researchers Dimitrios Valsamaras and Sang Shin Jung, the pair detailed the continuing evolution of "toll fraud malware" and the ways it attacks Android users and their devices. According to the team, toll fraud malware falls under the subcategory of billing fraud "in which malicious applications subscribe users to premium services without their knowledge or consent" and "is one of the most prevalent types of Android malware."
Toll fraud works over the Wireless Application Protocol (WAP), which allows consumers to subscribe to paid content and add the charge to their phone bill. Because this attack relies on a cellular network to do the dirty business, the malware might disconnect you from Wi-Fi or use other means to force you onto your cellular network. While connecting to the cellular network the malware will start subscribing to premium services while also hiding any one-time passwords (OTP) sent to verify your identity. This is to keep targets in the dark so that they don't unsubscribe.
The evolution of toll fraud malware from its dial-up days presents a dangerous threat, researchers warn. The malware can lead to victims receiving significant mobile bill charges. Additionally, affected devices also have increased risk because the malware is able to evade detection and can achieve a high number of installations before a single variant can be removed.
This type of attack starts when a user downloads whatever app the malware is disguised as in the Google Play Store. These trojan apps will usually be listed in popular categories in the app store such as personalization (wallpaper and lock screen apps), beauty, editor, communication (messaging and chat apps), photography, and tools (like cleaner and fake antivirus apps). The researchers say that these apps will ask for permissions that don't make sense for what is being done (i.e. a camera or wallpaper app asking for SMS or notification listening privileges).
The purpose of these apps is to be downloaded by as many people as possible. Valsamaras and Shin Jung identified some common ways in which attackers will try to keep their app on the Google Play Store:
Upload clean versions until the application gets a sufficient number of installs.
Update the application to dynamically load malicious code.
Separate the malicious flow from the uploaded application to remain undetected for as long as possible.
Valsamaras and Shin Jung say that potential malware in the Google Play Store has common characteristics one can look for before downloading an app. As stated above some apps will ask for excessive permissions for programs that don't require such privileges. Other characteristics to be on the lookout for are apps with similar UIs or icons, developer profiles that look fake or have poor grammar, and if the app has a slew of bad reviews.
If you believe you've already downloaded a potential malware app, some common signs include rapid battery drain, connectivity issues, overheating constantly, or if the device is running much slower than normal.
The pair also warned of not sideloading any apps that you can't get officially in the Google Play Store, as this can increase the risk of infection. Their findings showed that toll fraud malware accounted for 34.8% of installed "Potentially Harmful Application" (PHA) from the Google Play Store in the first quarter of 2022, second only to spyware.
According to a Google transparency report, it says that most of the installations originated from India, Russia, Mexico, Indonesia, and Turkey.
Topics Cybersecurity Microsoft
Trump tariff news: See the latest impacts on consumer tech
The Paris Review Staff’s Favorite Books of 2020 by The Paris Review
The Art of Distance No. 39 by The Paris Review
My Cephalopod Year by Aimee Nezhukumatathil
Skype is finally shutting down
Redux: A Little Bedtime Story by The Paris Review
Lost Libraries by Rosa Lyster
Redux: All of This Was Out of Season by The Paris Review
Get Rid of Windows 10 Ads, Office Offers and Other Annoyances
In Winter We Get inside Each Other
Best security deal: The 8
No Walk Is Ever Wasted by Matthew Beaumont
Staff Picks: Marriage, Martinis, and Mortality by The Paris Review
Lost Libraries by Rosa Lyster
Today's Hurdle hints and answers for April 17, 2025
I See the World by Jamaica Kincaid
Staff Picks: Mingus, Monologues, and Memes by The Paris Review
On Jean Valentine by Hafizah Geter
Best robot vacuum deal: Get the Shark Matrix Plus 2
Cakes and Ale
Europe's Mars lander is lost on the red planetDonald Trump's 'nasty woman' comment is available in TGiants owner just made the Josh Brown domestic violence fiasco even more nauseatingAustralian man found not guilty of murdering his Tinder dateSee a Tesla drive itself to work all on its ownTrump's online donation tracker is anything but liveClinton insists background checks don't conflict with Second AmendmentPoignant stories of childhood trauma take center stage in bold new video campaignNew MacBook Pros might come with a 'Magic Toolbar' on the keyboardSnoopy, 'Peanuts' crew get the axe as MetLife goes corporateRocky Horror Picture Show: Fox version isn't live, and it's a problemMalaysia orders Auntie Anne's to rename hot dogs, in case people think they contain dog meatRazer's Blade Pro might be the sleekest VRStephen Colbert trolls Trump for his lack of EmmysThis app wants to be the SoundCloud of podcastingThat time Benedict Cumberbatch waltzed into a comics shop as Doctor StrangeQuiz: Can you find the end of Donald Trump's sentence?This 1 SimpsonsNYT Connections Sports Edition hints and answers for June 13: Tips to solve Connections #262Trump and Clinton square off again tonight — this time with jokes Foxconn begins iPhone 15 production in India: report · TechNode Chinese automaker Geely and tech giant Baidu co New dolphin Foxconn facilities offer increased pay for workers ahead of new iPhone release · TechNode How to watch 'Argylle': When and where is it streaming? Why the bears of Alaska's bear cam are still sticking around the river Chinese EV maker Neta enters Indonesia with three models · TechNode NYT's The Mini crossword answers for April 15 Meet the NASA astronauts flying to space with SpaceX and Boeing Zeekr unveils new pictures of its first supercar with carbon ceramic brakes · TechNode Wake up with NASA's playlist made for its sleeping Mars rover Microsoft is testing out start menu ad placement in Windows 11 NYT's The Mini crossword answers for April 14 Get up to 57% off Anker charging accessories at Amazon How to connect Xbox controller to PC Wordle today: The answer and hints for April 13 Kuaishou showcases AIGC digital human product Kuaishou Zhibo · TechNode Honkai: Star Rail’s global revenue exceeds $500 million · TechNode Google Pixel 8a, the 'cheapie' of the Pixel 8 series, just had a major leak Best sex toy deal: Spend $150 at Lovers, get $25 off
1.7971s , 8225.890625 kb
Copyright © 2025 Powered by 【Sport Archives】,New Knowledge Information Network