Android spyware can sign up for premium services without notifying users

• Spyware that can sign you up for a premium subscription without your knowledge is becoming more common.
• Malware-containing apps are typically categorized as “toll frauds” and use “dynamic code loading” to execute the attack.
• Some virus variants disable your Wi-Fi or just wait till you leave the range.

According to Microsoft’s 365 Defender Team, spyware that can sign you up for a premium subscription without your knowledge is becoming more and more common.

However, the attack is rather complex, and the malware must complete a number of steps.

To begin with, the malware-containing apps are typically categorized as “toll frauds” and use “dynamic code loading” to execute the attack.

In essence, spyware uses your monthly telecom bill to sign you up for a premium service. Then you are made to pay.

The so-called WAP (wireless application protocol), used by cellular networks, is the only method through which the malware functions.

Because of this, some virus variants disable your Wi-Fi or just wait till you leave the range of your Wi-Fi. This is where the dynamic code loading stated before comes into play.

After reading an OTP (one-time-password) you might have received before subscribing, the malicious program reads it, fills out the OTP form on your behalf, and also hides the message to mask its tracks.

The good news is that because Google limits the usage of dynamic code loading by apps, the malware is primarily disseminated outside of Google Play.

Therefore, use caution and refrain from side-loading Android apps.

Also Read

Google claims Hermit malware was installed on Android and iOS via ISPs

Internet Service Providers (ISPs) are helping a sophisticated spyware operation fool people...