In effect, this Android malware forces subscriptions on your account, which are then added to your telecom operator’s monthly billing cycle. This leads to you facing exorbitant charges to your account, which you are then liable to pay since the transactions are technically authorised through your account only.
How the Android malware flaw works
As described by Microsoft, the toll fraud malware breaches the wireless application protocol (WAP) through select cellular networks, which is why the first step that such apps do is disable the wi-fi network on a target user’s phone – or wait for them to be in cellular network coverage area.
Once in cellular coverage, the malware enforces a premium account subscription in the background, without a user’s knowledge. It then uses dynamic code loading, which executes web commands based on automatic instructions through an app, and navigates to the payment page of a subscription that you did not voluntarily opt for.
On its payment page, the malware enables payment to a subscription through your cellular network and also intercepts and hides the one-time password that you may receive from your notification panel. It also uses elevated system privilege to access this password, and enter it on your subscription page to then bill it to your network carrier’s overall bill.
Microsoft notes that such frauds are largely distributed outside the Google Play Store since the latter’s policies include restrictions for apps with dynamic code loading – which are thereby unable to execute automatic commands.
As a result, beware of the app that you download outside the Google Play Store, since they may often include malware that can lead to the loss of sensitive data and money, all without your knowledge or approval.
For all the latest Technology News Click Here
For the latest news and updates, follow us on Google News.
