'ExpensiveWall' Attacks More Than 1 Million Android Users
New Android malware variant registers users for paid services without their permission and sends bogus premium SMS messages.
A new Android malware variant called ExpensiveWall gains remote access to users' phones and sends fraudulent premium SMS messages, racking up paid service charges, Check Point's mobile threat research team disclosed today.
The malware infiltrated Google Play and infected at least 50 apps, which were downloaded between 1 million- to 4.2 million times before Google removed them.
ExpensiveWall, named after the "Lovely Wallpaper" app it infected, signs up users to premium services without their knowledge once it's downloaded. It then sends bogus premium text messages, which are then charged to users' accounts.
The malicious app is a new variant of a Trojan photo app found on Google Play earlier this year that signs up users for premium services, but ExpensiveWall's advanced obfuscation techniques to avoid Google Play's automatic anti-malware protections sets it apart from other variants in the malware family.
Read more about ExpensiveWall and the details of its attack method here.
Join Dark Reading LIVE for two days of practical cyber defense discussions. Learn from the industry’s most knowledgeable IT security experts. Check out the INsecurity agenda here.
Read more about:
2017About the Author
You May Also Like
State of AI in Cybersecurity: Beyond the Hype
October 30, 2024[Virtual Event] The Essential Guide to Cloud Management
October 17, 2024Black Hat Europe - December 9-12 - Learn More
December 10, 2024SecTor - Canada's IT Security Conference Oct 22-24 - Learn More
October 22, 2024