Beware of this Android malware: it can activate paid services without your knowledge

Android app malware activation of unsolicited paid services

The toll fraud malware, that is, those malware usually hidden in some fraudulent applications and which they manage to activate paid premium services without the knowledge of the users or without theirs consent. This was stated by the research team of Microsoft 365 Defender, who in this regard carried out a study on the functioning of this type of malwarein an effort to help those in charge identify and mitigate any threats.

This malware is among the most widespread among Android apps, it manages to clear the phone bill without your knowledge

Android app malware activation of unsolicited paid services

How a malware di tariff fraud manages to attack the user, activating one or more paid services without your knowledge able to clear the phone bill in no time? Leveraging the protocol WAP - Wireless Application Protocol - a method that allows users to activate paid content from sites that support this protocol and to be charged directly to their remaining credit.

To activate these services, in theory, the user should click on a special activation button and in some cases receive a one-time password (OTP) which must be entered to verify the process. And this is where the malware that, through the dynamic loading of MCC and MNC codes (respectively mobile country codes and mobile network) hides the notification receipt of the OTP code and fill in the fields required to activate the ad subscription without the user's knowledge.

Android app malware activation of unsolicited paid services

It can do this, for example, turning off the Wi-Fi connection o waiting for the mobile network to be activated, automatically clicking on the subscription button to the service, intercepting and sending the OTP password to the service provider and canceling the SMS notifications.

According to what was found and communicated by the researchers of Microsoft 365 Defender, this type of malware It is among the most popular in the Google Play Store and accounted for 34,8% of potentially harmful applications (PHAs) installed on Android smartphones and tablets in the first quarter of the year alone, ranking second after the spyware. Therefore, always pay close attention to the apps you choose to download on your devices.

⭐️ Discover the new Weekly Flyer of GizChina with always different exclusive offers and coupons.