Android malware subscribes users to premium services unknowingly

US tech giant Microsoft’s 365 Defender team said there is growing popularity of malware that can subscribe users to a premium service without their knowledge. According to GSM Arena, however, the team said that the attack of this malware is quite elaborate and the malware needs to perform several steps.

For starters, the apps hosting the malware are generally classified as “telephone scams” and use “dynamic code loading” to carry out the attack. In short, the malware subscribes users to a premium service using their monthly telecom bill, and then they are forced to pay.

The malware only works by exploiting the so-called WAP (Wireless Application Protocol) used by cellular networks. This is why some forms of malware turn off your Wi-Fi or just wait for you to get out of Wi-Fi coverage. This is where the aforementioned dynamic code loading comes into play. The malware then subscribes you to a background service, reads an OTP (one-time password) that you may receive before subscribing, fills in the OTP field on your behalf, and also hides the notification to cover your tracks.

The saving grace is that the malware is widely distributed outside of Google Play, as Google limits the use of dynamic code loading by apps, according to GSM Arena. (ANI)

(This story has not been edited by the Devdiscourse team and is auto-generated from a syndicated feed.)

Donald E. Patel