New Android Trojan secretly buys apps
Posted on 09.07.2012
Even though malicious Android apps can occasionally be found on Google Play, Chinese third-party online Android markets are known for offering them by the hundreds, if not thousands.


Most of them do one of two things: collect personal and device information, or send out pricy messages to premium rate numbers. But now and then, an app that doesn't follow that pattern crops up.

Researchers of mobile security company TrustGo have recently unearthed a new type of Android malware whose goal is to surreptitiously buy apps and other content from China Mobileís Mobile Market without alerting and needing the permission of the user.

Dubbed MMarketPay, the Trojan comes repackaged with a number of legitimate travel and weather apps, and is currently offered on no less than nine online Chinese Android markets.

According to the researchers, it has already been downloaded and likely installed by more than 100,000 users.

The malicious apps takes advantage of the easily subverted Mobile Market's payment workflow.

After having logged into the market's website, the Trojan can automatically place orders for paid apps and content. M-Market sends a verification code via SMS, which is then provided to M-Market for verification.

Once the verification is completed, the app is downloaded automatically, and China Mobile adds the order to the customerís phone bill.

The Trojan is able to intercept received SMS messages in order to collect the verification code sent by M-Market and, if a CAPTCHA image is invoked, it is also able to post it to a remote server in search for the correct answer.

In the end, the users is left with an unexpected high phone bill.






Spotlight

The synergy of hackers and tools at the Black Hat Arsenal

Posted on 27 August 2014.  |  Tucked away from the glamour of the vendor booths and the large presentation rooms filled with rockstar sessions, was the Arsenal - a place where developers were able to present their security tools and grow their community.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Aug 29th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //