Connect with us

Hi, what are you looking for?

Tech News

Beware, this malware subscribes Android users to premium services

Beware, this malware subscribes Android users to premium services

Android malware.  (photo: Business Insider Spain)
Android malware. (photo: Business Insider Spain)

The malware Telephone fraud is one of the threats that continues to proliferate the most in Android. As warned from microsoft, a security threat is spreading in devices with this operating system which is based on phone malware. Attackers disable the network Wifi Y subscribe the user to premium services.

To carry out this threat, the cyber criminals they trick victims into calling or sending an SMS to a premium number, ie they have an additional charge and a higher cost. Those who fall for this scam, they are subscribed to a paid service and begin to receive charges on their telephone bills.

One of the characteristics of this fraud is that does not work when users are connected to Wifi networks, therefore, they force users to connect to the network of the mobile operator to which they are subscribed.

Advertisement. Scroll to continue reading.

In this way, when the user sends that SMS or calls the premium phone, the malware acts automatically and, without the user being aware, disable the Wi-Fi network for the user to connect to the mobile network.

Once this step is done, launches the Premium services subscription page, intercepting OTP one-time codes, suppressing notifications and SMS that could alert the user that they are being subscribed to these services.

How does this malware manage to disable the Wi-Fi network?

Advertisement. Scroll to continue reading.

The malware uses Android features to monitor network status and prevents you from connecting to Wi-Fi, forcing the device to be connected to the mobile network.

On Android 9 (API level 28) or lower, this is possible with a normal protection permission level. For a higher API level, there is the ‘requestNetwork’ function that is included in the CHANGE_NETWORK_STATE permission, which also comes with a normal level of protection.

With this malware, cybercriminals manage to get hold of the data of the victims, such as the operator you are subscribed to or the country in which you are located.

Advertisement. Scroll to continue reading.
Malware on Android.  (photo: Five Days)
Malware on Android. (photo: Five Days)

This is how this phone malware works

Microsoft has shared more technical details of this malware in a report highlighting that it works over the Wireless Application Protocol (WAP), which allows that subscription to paid content that is charged to the telephone bill.

According to the company, the malware does all these steps automatically without the user realizing it:

1. Disable Wi-Fi connection or wait for the user to switch to a mobile network.

Advertisement. Scroll to continue reading.

2. Later, navigate to the subscription page and click automatically click the button to subscribe intercepting the OTP, subscription confirmation code, and cancel SMS notifications.

How WAP billing works.  (photo: Microsoft)
How WAP billing works. (photo: Microsoft)

Another interesting aspect is that the malware uses ‘NetworkCallbak’ to monitor the state of the network and obtain the ‘networktype’ variable to link the process to a specific network, which forces the device to ignore an available Wi-Fi connection and use the mobile operator’s.

The only way the user can prevent this is to manually disable mobile data. If the victim’s mobile operator is on the target list, the malware proceeds to search for a list of websites that provide premium services and tries to subscribe to them automatically.

While there are multiple underwriting scenarios, users typically click on an HTML element and then send a verification code to the server. Microsoft notes that additional verification may sometimes be required. The malware samples from phone fraud that the company has analyzed also have methods to achieve it.

Advertisement. Scroll to continue reading.

Some operators terminate the subscription only after verifying that the user has authorized it via an OTP code delivered via SMS, HTTP, or USSD (Unstructured Supplementary Service Data).

Recommendations to avoid this malware

To avoid being victims of this new threat on Android, it is essential to carry out a series of practices that guarantee cybersecurity:

Advertisement. Scroll to continue reading.

– Have a antivirus for the mobile device is a good start.

Keep cell phones up to date so that any security breach is fixed.

– Do not download files from senders unreliable.

Advertisement. Scroll to continue reading.

– Don’t press on suspicious links.

– Do not install Applications Yes It is not from official stores.

Prevent allowing apps to read or send SMS, access notifications or log in unless these permissions are required for normal operation.

Advertisement. Scroll to continue reading.

Advertisement. Scroll to continue reading.
Advertisement
Advertisement

Related

Eiza González exploded against those who paired her with a producer: "Stop inventing"

Entertainment

The producer and Eiza relaxed in Italy (Photo: Instagram/@moalturki) Eiza Gonzalez spent a few days with the producer Mohammed Al Turkithus awakening all kinds...

Restart cell phone without the buttons.  (photo: The Spanish) Restart cell phone without the buttons.  (photo: The Spanish)

Tech News

Restart cell phone without the buttons. (photo: The Spanish) There are two things that usually go wrong smartphones. Batteries and mechanical parts, i.e. buttons....

Erasmo Catarino explained why he refused to sing with Rubí in the final of La Academia Erasmo Catarino explained why he refused to sing with Rubí in the final of La Academia

Entertainment

Erasmo Catarino exploded against the production of La Academia for not respecting his conditions to sing with Rubí in the final (Photos: Instagram/@erasmooficial @laacademiatv)...

Realme 9i 5G has new image revealed after gaining release date Realme 9i 5G has new image revealed after gaining release date

Android

Update (08/14/2022) – MR The Chinese manufacturer realme is preparing the launch of its next cost-effective mobile phone: the realme 9i 5G. Announcement date...

Advertisement

You May Also Like

Tech News

Restart cell phone without the buttons. (photo: The Spanish) There are two things that usually go wrong smartphones. Batteries and mechanical parts, i.e. buttons....

Android

There is no occasion for WhatsApp scammers to apply various methods to take money or steal users’ accounts, even from those who consider themselves...

Android

Google agreed to pay the $60 million fine for tracking users’ location without authorization. The amount is stipulated by the Australian Competition and Consumer...

Tech News

Download Instagram Stories. (photo: as.com) It’s been a long time since the stories of Instagram became one of the main attractions of the social...

Advertisement