A study by concealed cyber security solution company has exposed a mobile malware aiming at the WAP billing payment technique, robbing money via the mobile accounts of the victims without their awareness.
The Xafecopy Trojan is camouflaged as useful apps such as BatteryMaster, and works normally while furtively loading malicious code and decrypting onto the handset. Some of the names present in the JavaScript folders employed by Xafecopy are also viewed in the notorious Ztorg Trojan, recommending probable code sharing amid hacker gangs.
Once triggered, the Xafecopy malware tabs on web pages with WAP (Wireless Application Protocol) billing and then mutely subscribes the handset to a bunch of services. WAP is a form of mobile transaction that axes prices straightly to the mobile phone bill of the user so they do not require setting up a password and user-name or registering a card. The malware utilizes JavaScript files that can avoid captcha systems developed to defend users by verifying the action is being carried out by a user.
“WAP billing can be specifically defenseless to the so-called click jacking since it has a single-click feature that needs no authorization of the user. Our study recommends attacks of WAP billing are on the verge of increment. Attacks form Xafecopy aimed nations where this transaction method is accepted. The malware has also been recognized with various alterations, such as the capability to text messages to Premium-rate phone numbers from a mobile device, and to erase receiving text messages to conceal alerts from mobile network providers about robbed money,” clarifies senior malware analyst at Kaspersky lab, Roman Unuchek, to the media in an interview.
Xafecopy has strike over 4,800 people in 47 nations within a month, with 1,800 (almost 37.5%) of the attacks blocked and detected aiming India, followed by Turkey, Russia, and Mexico. “Android consumers require to be very careful in how they install apps. It is best not to believe 3rd-party apps, and whatsoever apps people do install must be scanned locally with the utility of verify apps. But further than that, android consumers must be operating a mobile safety suite on their handsets “, claimed the managing director of the cyber security company for South Asia, Altaf Halde, to the media.