French cops cuff man over €500K Android Trojan scam
Suspect had wanted to earn his crust as software dev
French police have arrested a 20-year-old man who allegedly earned €500,000 (£405,00, $650,000) through an Android malware scam.
The unnamed perp from the Amiens region allegedly tricked 17,000 victims into installing a Trojan that posed as a legitimate application on their Android smartphones. In reality, the malicious application sent SMS messages to premium rate numbers, allegedly earning the suspect a tiny slice for each SMS. Victims were left none the wiser until they received bills charging them for the fraudulent transactions.
The malware also stole login details for gaming and gambling websites. The suspect, who reportedly began his involvement with the scam last year, has admitted responsibility but told investigators he was motivated by technical curiosity and ambitions to become a software developer rather than greed, the BBC reports.
Android SMS malware is not a new problem. Most reported incidents have happened in either Russia or China but there are precedents for this sort of malfeasance in France. Trojan apps typically pose as popular mobile games, such as Angry Birds, or useful* utilities, such as Instagram.
Back in February, French cops cuffed two men linked to the distribution of the Foncy Trojan, another strain of malware that sent expensive SMS messages from infected Android smartphones.
More commentary on the security aspects on the case can be found in a blog post by Sophos here. ®
*Yes, we know, we'll be hearing from you in the comments...