Feeds

French cops cuff man over €500K Android Trojan scam

Suspect had wanted to earn his crust as software dev

Build a business case: developing custom apps

French police have arrested a 20-year-old man who allegedly earned €500,000 (£405,00, $650,000) through an Android malware scam.

The unnamed perp from the Amiens region allegedly tricked 17,000 victims into installing a Trojan that posed as a legitimate application on their Android smartphones. In reality, the malicious application sent SMS messages to premium rate numbers, allegedly earning the suspect a tiny slice for each SMS. Victims were left none the wiser until they received bills charging them for the fraudulent transactions.

The malware also stole login details for gaming and gambling websites. The suspect, who reportedly began his involvement with the scam last year, has admitted responsibility but told investigators he was motivated by technical curiosity and ambitions to become a software developer rather than greed, the BBC reports.

Android SMS malware is not a new problem. Most reported incidents have happened in either Russia or China but there are precedents for this sort of malfeasance in France. Trojan apps typically pose as popular mobile games, such as Angry Birds, or useful* utilities, such as Instagram.

Back in February, French cops cuffed two men linked to the distribution of the Foncy Trojan, another strain of malware that sent expensive SMS messages from infected Android smartphones.

More commentary on the security aspects on the case can be found in a blog post by Sophos here. ®

*Yes, we know, we'll be hearing from you in the comments...

Endpoint data privacy in the cloud is easier than you think

More from The Register

next story
14 antivirus apps found to have security problems
Vendors just don't care, says researcher, after finding basic boo-boos in security software
'Things' on the Internet-of-things have 25 vulnerabilities apiece
Leaking sprinklers, overheated thermostats and picked locks all online
iWallet: No BONKING PLEASE, we're Apple
BLE-ding iPhones, not NFC bonkers, will drive trend - marketeers
Multipath TCP speeds up the internet so much that security breaks
Black Hat research says proposed protocol will bork network probes, flummox firewalls
Only '3% of web servers in top corps' fully fixed after Heartbleed snafu
Just slapping a patched OpenSSL on a machine ain't going to cut it, we're told
Microsoft's Euro cloud darkens: US FEDS can dig into foreign servers
They're not emails, they're business records, says court
Plug and PREY: Hackers reprogram USB drives to silently infect PCs
BadUSB instructs gadget chips to inject key-presses, redirect net traffic and more
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
prev story

Whitepapers

7 Elements of Radically Simple OS Migration
Avoid the typical headaches of OS migration during your next project by learning about 7 elements of radically simple OS migration.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Solving today's distributed Big Data backup challenges
Enable IT efficiency and allow a firm to access and reuse corporate information for competitive advantage, ultimately changing business outcomes.
A new approach to endpoint data protection
What is the best way to ensure comprehensive visibility, management, and control of information on both company-owned and employee-owned devices?