A new Android malware variant called ExpensiveWall gains remote access to users' phones and sends fraudulent premium SMS messages, racking up paid service charges, Check Point's mobile threat research team disclosed today.
The malware infiltrated Google Play and infected at least 50 apps, which were downloaded between 1 million- to 4.2 million times before Google removed them.
ExpensiveWall, named after the "Lovely Wallpaper" app it infected, signs up users to premium services without their knowledge once it's downloaded. It then sends bogus premium text messages, which are then charged to users' accounts.
The malicious app is a new variant of a Trojan photo app found on Google Play earlier this year that signs up users for premium services, but ExpensiveWall's advanced obfuscation techniques to avoid Google Play's automatic anti-malware protections sets it apart from other variants in the malware family.
Read more about ExpensiveWall and the details of its attack method here.
Join Dark Reading LIVE for two days of practical cyber defense discussions. Learn from the industry’s most knowledgeable IT security experts. Check out the INsecurity agenda here.