French cops cuff man over €500K Android Trojan scam
Suspect had wanted to earn his crust as software dev
French police have arrested a 20-year-old man who allegedly earned €500,000 (£405,00, $650,000) through an Android malware scam.
The unnamed perp from the Amiens region allegedly tricked 17,000 victims into installing a Trojan that posed as a legitimate application on their Android smartphones. In reality, the malicious application sent SMS messages to premium rate numbers, allegedly earning the suspect a tiny slice for each SMS. Victims were left none the wiser until they received bills charging them for the fraudulent transactions.
The malware also stole login details for gaming and gambling websites. The suspect, who reportedly began his involvement with the scam last year, has admitted responsibility but told investigators he was motivated by technical curiosity and ambitions to become a software developer rather than greed, the BBC reports.
Android SMS malware is not a new problem. Most reported incidents have happened in either Russia or China but there are precedents for this sort of malfeasance in France. Trojan apps typically pose as popular mobile games, such as Angry Birds, or useful* utilities, such as Instagram.
Back in February, French cops cuffed two men linked to the distribution of the Foncy Trojan, another strain of malware that sent expensive SMS messages from infected Android smartphones.
More commentary on the security aspects on the case can be found in a blog post by Sophos here. ®
*Yes, we know, we'll be hearing from you in the comments...
Re: Malware authors ....
And that includes the witless pillocks who insist on bundling useless bloody toolbars and McAfee etc., sodding software as completely unrelated, unnecessary and unwanted, yet preselected installs, with bloody Acrobat Reader and Java updates.
Malware is as malware does, and that's bloody malware
Re: Malware authors ....
7. Forced to code in Visual Basic.
"And that includes the witless pillocks who insist on bundling useless bloody toolbars and McAfee etc., sodding software as completely unrelated, unnecessary and unwanted, yet preselected installs, with bloody Acrobat Reader and Java updates."
..... and Google bloody Chrome.. the one way to ensure I NEVER try a piece of software is to try to ram it down my throat everywhere I go (acrobat) or sneak it in with a pre-selected (but still unwanted) option during in an install.