Windows Mobile Trojan frags gamers
Premium-rate calls on the sly
Scammers have hidden a nasty surprise for users who downloaded doctored copies of a Windows Mobile game.
Hackers adapted a demo version of 3D Anti-Terrorist Action to include a Trojan that makes premium-rate calls costing around US$6 a minute on the sly. Doctored copies of the Counter-Strike-alike game are designed to call premium-rate phone numbers in the Antarctic, the Dominican Republic and Somalia, leaving users none the wiser until they received whopper mobile phone bills.
It adds that even legitimate versions of the application lack engaging gameplay.
Screenshots of the application, along with extracts from a UK victim's email, can be found in a blog post by Sophos here. The net security firm reckons a Russian-language speaker wrote the malware behind the attack. ®
"...premium-rate phone numbers in the Antarctic..."
Seriously?!? Is there much demand on the continent for penguin-based sexy chat?
When I worked for a voip company we blocked certain country codes( these were counties that allowed any number that the owned to be used as premium numbers) and all premium rate numbers as we found very few of our customers need that kind of access it solved alot of problems. Also here in the US the phone company is just acting as billing agent for the company charing on the numbers. You can not have your phone turned off for not paying for premium rate numbers . The phone companies have even been know to remove that portion from your bill(provided you have no history of calling premium rate numbers ).
It's not like this is new.
Dodgy copies of things have always been a vector for malware, right back to ye olde floppy disks and tape drives. I think you could say "stupid prices and ridiculous DRM turned out to be the best malware-distribution solution created" and still be accurate. That's a far too inconvenient truth, though.
What I'm annoyed at is that the jump from dial-up to broadband put paid to rogue dialler software. Now we have mobile computers with phones attached to them, the old attacks are coming back. Seriously, how hard would it be to put a warning hook in the operating system? "This software is trying to dial a premium rate number. This could cost you an arm, leg and possibly a few teeth. Do you want to continue? (y|n)"