New fraud malware detected on Android phones

With more than 3 billion active Android phone userbase, Google's mobile ecosystem draws unwanted attention from bad actors to prey on naive users.

Over the years, Google has tried to improve the security of the Android and Play Store. It will join forces with ESET, Lookout, and Zimperium to form App Defense Alliance.

Despite sincere efforts, the search engine giant has been unable to curb malware entering the Android ecosystem.

Now, in the latest instance, Microsoft's security team has detected toll fraud malware, which comes under a subcategory of billing fraud, on Android phones.

The modus operandi of the toll fraud malware app is that it opens the internet browsers, scrolls to a particular premium service website and applies for subscriptions on phone without the owner's consent. What's more dangerous is that the malware is capable of establishing a connection to remote service via a cellular network instead of Wi-Fi to avoid detection by the security apps on the phone.

Also, while applying for an illegal premium service subscription, the malware is capable of reading the OTP sent from the bank and hiding it from the phone owner; the latter will never know of illegal transactions until he/she notices it in the monthly bank statement.

"API (Application Pro subset is abused by malware developers to suppress service subscription notification messages posted by the default SMS application. More specifically, upon successful subscription, the service provider sends a message to the user to inform them about the charges and offers the option to unsubscribe. By having access to the notification listener service, the malware can call any of the functions mentioned above to remove the notification," the Microsoft Security team said.

The experts said that the phones with Android 9 or older versions are vulnerable to the toll fraud malware app. Also, the phone owners are advised to be wary of installing apps from third-party app stores or shady websites even if they offer any monetary benefits or gift vouchers. This is a common way to lure gullible users to install apps.

Also, it goes without saying that users must upgrade their phones to the latest updates and security patches released monthly or sometimes quarterly by Google and mobile companies.

It is also good practice to install reliable anti-virus apps only from the Google Play store.

Get the latest news on new launches, gadget reviews, apps, cybersecurity, and more on personal technology only on DH Tech.