Malware Subscribes Android Users To Premium SMS Services


When you download an app for your smartphone, do you take the time to read the list of permissions? Most of us may quickly skim the permissions but ultimately fly past them like we do a new iTunes agreement. Doing so could leave your phone vulnerable to a variety of malware attacks, and the latest threat to Android users is intelligent and could cost you hundreds of dollars.

It’s called Android.Trojan.MKero.A, and it has made its way into the official Google Play Store and infected legitimate, trusted apps. No one has been able to figure out how it infiltrated the Play Store, but it has been found in at least 7 apps. The apps it has attached itself to are popular enough to have been downloaded up to 500-thousand times.

If you’re wondering if the Play Store has security in place to keep malware threats like this out, it does. This particular malware has eluded Google Bouncer, the app vetting system, however.

Its purpose seems to be to silently subscribe victims to premium text messaging services. These can cost anywhere from 50 cents per message to more than a dollar. The services require a few steps to ensure the user is aware of what they’re signing up for, and they send notifications to alert the user that they’ll begin getting charged. This malware threat is able to navigate all of that, however, to keep the user in the dark while the service begins.

First, the Trojan is able to use multiple steps to bypass CAPTCHAs, which are in place to prevent this type of fraud. Then, it claims administrative privileges, which a user agreed to when downloading the original app, to block notifications from the premium service. At this point, the costly messages can begin and, if the user isn’t quick to act, can add up quickly.

Google has been alerted to the presence of this malware in the Play Store, but no further announcement has been made. Back in March, Google implemented new procedures designed to keep malware out of the Play Store, but they’ve proven not to be enough in this specific instance.

When you download an app, be sure to carefully read the permissions and reconsider downloading if it requires giving the app administrative privileges. It’s also a good idea to install a trusted anti-virus app that can scan your device for malware already present.
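
The permission check recommended above, as an added example that is not part of the original post: it audits a decoded AndroidManifest.xml for the combination the article describes, text messaging plus administrative privileges. The SMS permission list, the reading of "administrative privileges" as a device-admin receiver, and the sample manifest are assumptions made for this example.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
# Assumption: permissions an app would need to send or intercept text messages.
SMS_PERMISSIONS = {
    "android.permission.SEND_SMS",
    "android.permission.RECEIVE_SMS",
    "android.permission.READ_SMS",
}
# Assumption: "administrative privileges" means a device-admin receiver.
DEVICE_ADMIN = "android.permission.BIND_DEVICE_ADMIN"

# Constructed sample manifest (hypothetical app, not taken from the article).
SAMPLE_MANIFEST = """<manifest
    xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.puzzlegame">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <uses-permission android:name="android.permission.RECEIVE_SMS"/>
  <application>
    <receiver android:name=".AdminReceiver"
        android:permission="android.permission.BIND_DEVICE_ADMIN"/>
  </application>
</manifest>"""


def audit_manifest(xml_text):
    """Report SMS permissions and device-admin receivers in a decoded manifest."""
    root = ET.fromstring(xml_text)
    requested = set()
    # Both tags request permissions; the -sdk-23 form applies on Android 6.0+.
    for tag in ("uses-permission", "uses-permission-sdk-23"):
        requested.update(e.get(ANDROID_NS + "name") for e in root.iter(tag))
    sms = sorted(requested & SMS_PERMISSIONS)
    admin = sorted(
        r.get(ANDROID_NS + "name", "?")
        for r in root.iter("receiver")
        if r.get(ANDROID_NS + "permission") == DEVICE_ADMIN
    )
    return {
        "package": root.get("package"),
        "sms_permissions": sms,
        "device_admin_receivers": admin,
        # Either finding deserves a second look; both together is the red flag.
        "high_risk": bool(sms and admin),
    }


if __name__ == "__main__":
    print(audit_manifest(SAMPLE_MANIFEST))
```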

If you’re worried your device is infected or just isn’t performing like it used to, bring it to us at Geek Rescue. We fix all kinds of devices with software and hardware issues. Stop by our shop at 61st and Memorial in Tulsa or call us at 918-369-4335.

September 10th, 2015