Researchers at Kaspersky Lab have discovered an unusual increase in the number of malicious “Trojans” that steal money from users of Android devices through WAP-billing, a type of direct-to-phone Smart without any recording process.

Russia’s leading e-security company said it had not noticed the trend for a while, but it was suddenly spread in the second quarter of 2017, causing thousands of users across the world, especially in India and Russia.

The WIP billing system has been widely used for years by mobile operators in subscriptions and paid services. This type of digital payment converts all costs directly to the user’s phone bill without having to register a bank card or create a user account.

The user will usually be redirected to a third page with a variety of additional services to subscribe to, if he wishes to click on them, and then pay the subscription fees through his phone account. But all of these steps can be done through a “Trojans” secretly applied by clicking on the links on all pages in a real threat scenario. In addition, a simple domain registration in the telecom operators’ billing system allows fraudsters to link their pages to the billing system in a fairly easy way and transfer money from the victim’s account to their accounts.

Trojan or Trojans is a type of malware that appears to perform a required function but instead copies a confidential load for malicious purposes.

Kaspersky Lab has identified several families of “Trojan horses” in the “top 20 malicious programs” prevalent on phones using the wireless billing service. All these types of malware, in order to activate themselves over the mobile Internet, can disable wireless Internet access (Wi-Fi) and activate Internet connection through the operator’s data.

The most common “Trojans”, belonging to the Trojan-Clicker.AndroidOS.Ubsod family of malware, receives links from the server and controls and opens. According to the statistics of “KSN”, was able to this type of injury to approximately 8000 users from 82 countries during the month of July.

Another malicious program, in the context of this robbery scenario, uses Java Scripts to click buttons and link them to billing through the wireless application protocol. The Xafekopy, which spreads through commercials, is disguised as useful applications such as battery performance optimizers, Stealing their money. Kaspersky Lab experts also found that “Trojans” in some ways are similar to Ztorg’s malicious software , on which the company has recently prepared a report. Xafekopy and Ztong malicious software come from a Chinese-speaking origin.

Some malicious Trojans, such as Autisus and Podec, abuse the rights of technical system administrators, making it difficult to delete malicious files. Moreover, this software can use Java Script files to bypass the Turing test to differentiate between computers and humans, CAPTCHA. For example, Podec, which uses the wireless billing system (WAP), has been active since 2015, especially in Russia, and was the third most common malware in June, according to Kaspersky Lab research.

Kaspersky Lab security expert Roman Onochik said these types of malicious “Trojans” have disappeared for a while, but the fact that they are back in the present may indicate that cybercriminals have begun to diversify their methods and resort to effective methods, such as The wireless billing system, to exploit users, as well as the malware of the SMS family that targets mobile phones and is considered to be more difficult than others. He added: “It is interesting to target the malware to Russia and India mainly, which can be attributed to the case of worse Local communications. However, we have also discovered such software in both South Africa and Egypt. ”

Kaspersky Lab recommends users pay attention to applications installed on their devices, avoid those from unknown sources, and always keep security updates in place to prevent potential damage and stay protected at all times.

Kaspersky Lab also offers users the ability to install reliable security solutions on their computer, such as the Kaspersky Mobile Antivirus: Web Security & AppLock solution , designed to protect their privacy and personal information from threats to Android devices.


In: A Technology & Gadgets Asked By: [21022 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »

Star Points Scale

Earn points for Asking and Answering Questions!

Grey Sta Levelr [1 - 25 Grey Star Level]
Green Star Level [26 - 50 Green Star Level]
Blue Star Level [51 - 500 Blue Star Level]
Orange Star Level [501 - 5000 Orange Star Level]
Red Star Level [5001 - 25000 Red Star Level]
Black Star Level [25001+ Black Star Level]