Microsoft has alerted Android users to a malware that makes buying premium subscription services online without their knowledge. In a report, Microsoft researchers detail the “toll fraud malware” and the way it attacks Android users and their devices.
Researchers Dimitrios Valsamaras and Song Shin Jung have placed malware under a subcategory of billing fraud where malicious users subscribe to premium services without their knowledge. Reports say it is one of the most common types of Android Malware. Toll fraud does not work through SMS or calls, it works on Wireless Application Protocol (WAP), which bills purchases on the user’s phone bill. It doesn’t work over Wi-Fi, and in many cases, malware apps will first try to disconnect from Wi-Fi to force you to a cellular network.
Read also: Microsoft may soon launch a new version of Outlook Lite for Android
improper membership, according to Microsoft, begins with the user initiating a session with the service provider on a cellular network. Once on the network, the user is directed to a website that offers the subscription service. Sometimes, an OTP (One Time Password) is required, but malicious apps have a way of hiding the OTP required to verify your identity.
Microsoft states in its report that it classifies a subscription without a user’s consent as fraudulent. Here are the steps that a toll fraud malware performs to make you subscribe to unwanted services.
- Disable Wi-Fi connection or wait for user to switch to cellular data
- Navigate silently to membership page
- Auto-click the subscribe button
- Intercept OTP (if applicable)
- OTP sent to service provider
- Cancel SMS notifications (if applicable)
However, before these steps, the malware identifies the subscriber’s country and mobile network through the MCC (mobile country code) and multinational companies (mobile network code). This is done to target users from a specific country or region.
Read also: How Microsoft is using AI to improve audio and video quality in Teams
Now, to be safe, Microsoft researchers say there are some common symptoms users can look for on the Google Play Store. Some apps ask for too many permissions, which is a red flag. Also, if an app uses similar UI or icons, or uses fake developer profiles with bad grammar, or if the app has bad reviews. These are some of the things that Android users can check before downloading apps from Google Play Store.
If you’ve downloaded a malicious app, are experiencing signs like rapid battery drain, or connectivity issues (especially a lack of Wi-Fi signal), or if the device is getting hotter than usual, try uninstalling the app and There are indications for deleting all data. The researchers also discouraged sideloading of apps that users can’t officially find in the Google Play Store, as it could increase the risk.
Watch video: Vivo X80 Pro review: Should you spend Rs 79,999 on this smartphone?
Read also: Microsoft Exchange Server IIS Module As Malware Killed By SessionManager,
read all breaking news, today’s fresh newswatch top videos And live TV Here.