In the most serious mobile malware incident yet to be uncovered in the UK a firm has been fined £50,000 ($78,000) by the regulator for profiting from bogus apps that covertly sent SMS messages costing £5 ($7.80) a time to a premium rate number.
The features of this fraud will be familiar to anyone who has studied the slow but steady gestation of mobile malware in developed countries; attractive apps that turn out to be malware in disguise, Android users as the targets and premium-rate charges generated for the phone user without this being apparent.
The application was planted on the Android marketplace in November 2011 posing as popular games including Angry Birds, Cut the Rope and Assassins Creed, eventually downloaded by almost 1,400 smartphone users.
Each time the cover application was opened, three SMS messages were sent to the premium rate service although the user would not have been aware of this until the charges turned up on their bill.
The minimum charge was therefore £15 with maximum charges reportedly running to several times this sum. The total amount defrauded is believed to be £27,850, according to sources quoting UK industry regulator, PhonepayPlus.
The Latvian-founded company that allegedly received the funds was fined after a tribunal and ordered to issue refunds to subscribers. The relationship of this firm (which may be legitimate in other respects) to the con is still not clear.
The story has several interesting elements to it, the first being that the apps were planted on the Google Market (now renamed Google Play), heavily criticised in the past for not performing the sort of rigorous app checks apparently carried out by rivals Apple and Microsoft.
According to The Daily Telegraph, the number of subscribers that complained to PhonepayPlus was a mere 34, a fraction of those affected. Despite the fact that others will have alerted their mobile network, this suggests that subscribers can take weeks or months to complain about suspect charges giving scammers longer to make money.
The apps in question were also noticed by security companies such as F-Secure, which issued a Q1 Threat report mentioning the trend for using legitimate apps as‘wrappers’ to engineer downloads. Overwhelmingly, mobile malware (which includes all types of problem app) is targeted at Android users.
Such wrapper apps seem to have emerged in Russia last year with attacks being reported there by Trend Micro. The warning is clear - mobile malware has arrived in Western Europe and the method of attack will be tariff fraud.
“SMS Trojans are currently the biggest category of mobile malware. And it’s important to understand that it’s not just a problem in Russia or China," commented David Emm of Kaspersky Lab.
"If it [the app] asks for permission to send/receive messages, but this doesn’t match the functionality of the app, don’t install it. You should also protect your device with a mobile anti-virus product."
Earlier this year PhonepayPlus fined a Dutch company £100,000 for allegedly sending fraudulent SMS text apps that exploited typosquatting.