Follow Us

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

Fake Angry Birds app cost UK Android users £28,000

Latvian firm fined for distributing a 'wrapper' app

Article comments

In the most serious mobile malware incident yet to be uncovered in the UK a firm has been fined £50,000 ($78,000) by the regulator for profiting from bogus apps that covertly sent SMS messages costing £5 ($7.80) a time to a premium rate number.

The features of this fraud will be familiar to anyone who has studied the slow but steady gestation of mobile malware in developed countries; attractive apps that turn out to be malware in disguise, Android users as the targets and premium-rate charges generated for the phone user without this being apparent.

The application was planted on the Android marketplace in November 2011 posing as popular games including Angry Birds, Cut the Rope and Assassins Creed, eventually downloaded by almost 1,400 smartphone users.

Each time the cover application was opened, three SMS messages were sent to the premium rate service although the user would not have been aware of this until the charges turned up on their bill.

The minimum charge was therefore £15 with maximum charges reportedly running to several times this sum. The total amount defrauded is believed to be £27,850, according to sources quoting UK industry regulator, PhonepayPlus.

The Latvian-founded company that allegedly received the funds was fined after a tribunal and ordered to issue refunds to subscribers. The relationship of this firm (which may be legitimate in other respects) to the con is still not clear.

The story has several interesting elements to it, the first being that the apps were planted on the Google Market (now renamed Google Play), heavily criticised in the past for not performing the sort of rigorous app checks apparently carried out by rivals Apple and Microsoft.

According to The Daily Telegraph, the number of subscribers that complained to PhonepayPlus was a mere 34, a fraction of those affected. Despite the fact that others will have alerted their mobile network, this suggests that subscribers can take weeks or months to complain about suspect charges giving scammers longer to make money.

The apps in question were also noticed by security companies such as F-Secure, which issued a Q1 Threat report mentioning the trend for using legitimate apps as‘wrappers’  to engineer downloads. Overwhelmingly, mobile malware (which includes all types of problem app) is targeted at Android users.

Such wrapper apps seem to have emerged in Russia last year with attacks being reported there by Trend Micro. The warning is clear - mobile malware has arrived in Western Europe and the method of attack will be tariff fraud.

“SMS Trojans are currently the biggest category of mobile malware.  And it’s important to understand that it’s not just a problem in Russia or China," commented David Emm of Kaspersky Lab.

"If it [the app] asks for permission to send/receive messages, but this doesn’t match the functionality of the app, don’t install it. You should also protect your device with a mobile anti-virus product."

Earlier this year PhonepayPlus fined a Dutch company £100,000 for allegedly sending fraudulent SMS text apps that exploited typosquatting.



Share:

More from Techworld

More relevant IT news

Comments



Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

Techworld White Papers

Choose – and Choose Wisely – the Right MSP for Your SMB

End users need a technology partner that provides transparency, enables productivity, delivers...

Download Whitepaper

10 Effective Habits of Indispensable IT Departments

It’s no secret that responsibilities are growing while budgets continue to shrink. Download this...

Download Whitepaper

Gartner Magic Quadrant for Enterprise Information Archiving

Enterprise information archiving is contributing to organisational needs for e-discovery and...

Download Whitepaper

Advancing the state of virtualised backups

Dell Software’s vRanger is a veteran of the virtualisation specific backup market. It was the...

Download Whitepaper

Techworld UK - Technology - Business

Innovation, productivity, agility and profit

Watch this on demand webinar which explores IT innovation, managed print services and business agility.

Techworld Mobile Site

Access Techworld's content on the move

Get the latest news, product reviews and downloads on your mobile device with Techworld's mobile site.

Find out more...

From Wow to How : Making mobile and cloud work for you

On demand Biztech Briefing - Learn how to effectively deliver mobile work styles and cloud services together.

Watch now...

Site Map

* *