Saturday, October 16, 2021

WAPDropper malware abuses Android devices for WAP fraud


New WAPDropper malware signs users up for premium services provided by telecoms from Thailand and Malaysia.

Security researchers have discovered a new strain of Android malware that is now being distributed in the wild, mostly targeting users located in Southeast Asia.

Discovered by security company Check Point, the malware is called WAPDropper and is currently spread via malicious apps hosted on third-party app stores.

Check Point reported that once the malware infects a user, it begins signing them up for premium phone numbers that charge large fees for various kinds of services.

The end result is that infected users can receive large phone bills every month until they unsubscribe from the premium number or report the problem to their mobile provider.

Check Point says that, based on the premium phone numbers used in this scheme, the malware authors are probably based in, or cooperating with someone in, Thailand or Malaysia.

“In this and similar strategies, both the hackers and the proprietors of these top rate numbers are co-operating or may be the same group of individuals,” the firm said today in a report.

“It is only a numbers game: the further forecasts made utilizing the premium-rate services, the more revenue is created for people behind the providers. Everyone wins, except the unlucky victims of this scam.”

As for the malware itself, Check Point says WAPDropper operated using two distinct modules. The first was a dropper, while the second module was the component that carried out the actual WAP fraud.

The first module was the only one packed inside the malicious apps, primarily to reduce the size and fingerprint of any malicious code inside them. Once the apps were downloaded and installed on a device, this module would download the second component and begin defrauding victims.

But Check Point also wants to raise a note of alarm about this particular piece of malware.

“Right now this malware falls a superior dialer, but in the long run, this payload can alter to fall whatever the attacker needs,” said Aviran Hazum, Manager of Mobile Research at Check Point.

“This kind of multi-function ‘dropper,’ which further installs on a user’s telephone and downloads additional malware, has turned into a key cell infection trend we have observed in 2020.

All these ‘dropper’ trojans represented almost half of mobile malware attacks between January and July 2020, together with joint infections from the hundreds of millions worldwide.

The Check Point team also said that, for now, they have found the WAPDropper malware inside apps named “af,” “dolok,” an email app called “Mail,” and a children’s game called “Amazing Polar Fishing.” Users who installed any of these apps from outside the Play Store are advised to remove them from their devices as soon as possible.

Priyanshu Vijayvargiya
Founder and Editor-in-Chief of 'Virtualattacks Inc' Priyanshu Vijayvargiya is a cybersecurity analyst, Information Security professional, developer, and a white hat hacker.

