Microsoft’s 365 Defender Team says there is a growing popularity of malware that can subscribe to a premium service without your knowledge. The attack is quite elaborate, however, and there are a few steps the malware needs to take.
For starters, apps hosting malware are generally classified as “tariff fraud” and use “dynamic code loading” to perform the attack. In short, the malware subscribes you to a premium service using your monthly telecom bill. You are therefore forced to pay.
The malware only works by exploiting the so-called WAP (wireless application protocol) used by cellular networks. That’s why some forms of malware disable your Wi-Fi or just wait for you to get out of Wi-Fi coverage. This is where the aforementioned dynamic code loading comes into play. The malicious software then signs you up for a background service, reads an OTP (one-time password) you may receive before signing up, fills in the OTP field on your behalf, and also hides the notification to cover its traces.
The good news is that malware is widely distributed outside of Google Play because Google restricts apps from using dynamic code loading. So be careful out there and avoid side loading of android apps.
Start a new Thread