Feeds

Fake Angry Birds app makers fined £50k for shock cash suck

Making money-grabbing malware is too easy on Android, say experts

Top 5 reasons to deploy VMware with Tegile

A firm that disguised Android malware as Angry Birds games has been fined £50,000 ($78,300) by UK premium-rate service regulator PhonepayPlus.

A1 Agregator posted mobile apps posing as smash-hit games, including Cut the Rope, on Android marketplaces and other outlets. Rather than offer free entertainment, the software silently sent out a text in order to receive a string of premium-rate messages, costing victims £5 per SMS. Users would have to uninstall the counterfeit apps from their phone to prevent further messages and charges.

The malicious code also covered up evidence of the message swapping which might have alerted punters to the whopping charges on their upcoming bills.

A total of 34 people, perhaps only a small percentage of those affected, complained to PhonepayPlus by the end of last year. In a ruling this month, the watchdog found A1 Agregator guilty of multiple breaches of its code of conduct and levied a fine of £50,000, estimated as the upper limit of the illicit profits made through the scam. A1 Agregator, which wasn't even registered with PhonepayPlus at the time of its offence, must refund defrauded victims in full within three months, whether they've complained or not.

It is understood the firm trousered £27,850 ($43,600) from the scam.

A1 Agregator - which was "formally reprimanded" over its behaviour - must also submit any other premium-rate services it develops to PhonepayPlus for approval over the next 12 months.

Premium-rate SMS scams account for 36.4 per cent of malware on smartphones, the second largest type after spyware, according to analysts Juniper Research.

And Carl Leonard, senior security research manager of EMEA at Websense, added: "Mobile apps are a powerful malware delivery technique as most users are willing to allow apps to do anything to get the desired functionality. Cyber criminals are beginning to use these malicious apps not only to make a quick buck but to also steal valuable data."

"For example, a malicious app could access the data on your phone, or access all of your contacts. This is particularly bad news for businesses that allow bring your own device (BYOD) schemes but don’t have the right security to protect their mobile data," he added.

Android virus evolution

Mobile malware scams first emerged in Russia and China several years ago. Fraudsters are beginning to turn to the West for victims, Kaspersky Lab warns.

"The mobile threat landscape is dominated by malware designed to run on Android – 65 per cent of all threats are aimed at this platform," said David Emm, senior security researcher at Kaspersky. "The platform is popular, it’s easy to write apps for it and it’s easy to distribute them via Google Play – so it’s little wonder that cybercriminals are making use of Google Play, where malware masquerades as a legitimate app."

"SMS Trojans, of the sort mentioned in the [PhonepayPlus] report, are currently the biggest category of mobile malware. And it’s important to understand that it’s not just a problem in Russia or China. Cybercriminals seek to make money from them across the globe, including here in the UK," he concluded.

In the past mobile malware often offered a free application as bait. During installation, the Trojan would display some kind of decoy error message. This prompted victims to search for answers on web forums and elsewhere - which was the last thing scammers want because it could lead marks to the realisation that they'd been suckered.

More recently cybercrooks have begun offering a bait that actually works. A blog post by F-Secure, published with a helpful video, describes an unrelated case of a Trojan installing a working copy of Rovio's Angry Birds Space as it compromises the phone. ®

Internet Security Threat Report 2014

More from The Register

next story
'Kim Kardashian snaps naked selfies with a BLACKBERRY'. *Twitterati gasps*
More alleged private, nude celeb pics appear online
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
UK.gov lobs another fistful of change at SME infosec nightmares
Senior Lib Dem in 'trying to be relevant' shocker. It's only taxpayers' money, after all
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
TOR users become FBI's No.1 hacking target after legal power grab
Be afeared, me hearties, these scoundrels be spying our signals
Snowden, Dotcom, throw bombs into NZ election campaign
Claim of tapped undersea cable refuted by Kiwi PM as Kim claims extradition plot
Freenode IRC users told to change passwords after securo-breach
Miscreants probably got in, you guys know the drill by now
THREE QUARTERS of Android mobes open to web page spy bug
Metasploit module gobbles KitKat SOP slop
BitTorrent's peer-to-peer chat app Bleep goes live as public alpha
A good day for privacy as invisble.im also reveals its approach to untraceable chats
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.