Friday, July 23, 2021

WAPDropper malware abuses Android devices for WAP fraud

Must Read

Europol: Beware Fake Dark Web COVID19 Vaccines

Since the UK starts preparations to set up a COVID-19 vaccine, law enforcers are warning of fake versions circulating...

FICO Creates cryptocurrency Commerce Threat solution for banks

FICO has awakened with Bitfury Group to make a cryptocurrency hazard appraisal solution for financial institutions. The program will bring...

Cyber Criminals Exploit zero-day vulnerability in FTA servers for Data Theft and Extortion

Cybersecurity company FireEye said today cybercriminal gang known as FIN11 performed a zero-day attack on Accellion FTA servers that...

New WAPDropper malware signals users up to premium services supplied from telecoms from Thailand and Malaysia.

Security researchers have discovered a new breed of Android malware has been now dispersed in the wild, mostly targeting users situated in Southeast Asia.

Launched by security company Check Point, this malware is called WAPDropper and is now spread via malicious programs hosted on third-party program shops.

Check Point reported that when the malware infects an individual, it begins signing them up for top telephone numbers that charge big fees for a variety of kinds of services.

The final result is that contaminated users could get big phone bills every month till they unsubscribed in the top number or documented the problem for their cellular provider.

Check Point states based on the top phone numbers used within this strategy, the malware writers are probably established or cooperating with a person in Thailand or Malaysia.

“In this and similar strategies, both the hackers and the proprietors of this top rate numbers are co-operating or maybe the same group of individuals,” the firm said now at a report.

“It is only a numbers game: the further forecasts made utilizing the premium-rate services, the more revenue is created for people behind the providers. Everyone wins, except that the unlucky victims of this scam.”

In terms of the malware, Check Point states WAPDropper worked using two distinct modules. The first was called a dropper, although the second module was that the part that conducted the true WAP fraud.

The initial module has been the only one packed within the malicious programs, primarily to decrease the fingerprint and size of any malicious code within them. After the programs were installed and downloaded onto a device, this module could download the next element and begin defrauding victims.

But Check Point also wishes to increase an indication of alert about this specific bit of malware.

“Right now this malware falls a superior dialer, but in the long run, this payload can alter to fall whatever the attacker needs,” Aviran Hazum, Manager of Mobile Research at Test Point, informed.

“This kind of multi-function dropped,’ which further installs on a user’s telephone and downloads additional malware, has turned into a key cell infection trend we have observed in 2020.

All these dropper’ trojans represented almost half of mobile malware attacks between January and July 2020, together with joint infections from the hundreds of millions worldwide.

The Check Point staff additionally told that for now, they discovered the WAPDropper malware within programs called”af,””dolok,” an email program called”Mail ,” along with a children’s game called”Amazing Polar Fishing.” Users who installed some of those apps from beyond the Play Store are advised to eliminate them from their apparatus whenever possible.

a2434345d63481a40f0d145881b41013?s=96&d=mm&r=g
Priyanshu Vijayvargiya
Founder and Editor-in-Chief of 'Virtualattacks Inc' Priyanshu Vijayvargiya is a cybersecurity analyst, Information Security professional, developer, and a white hat hacker.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest News

OAIC: Uber found to have interfered with the privacy of over 1.2 million Australians

The Office of the Australian Information Commissioner (OAIC) has determined that Uber Technologies, Inc. and Uber B.V. have interfered...

Over 80 US Municipalities data are exposed due to Misconfigured Amazon S3

A team of Cybersecurity researchers at Wizcase found major data exposure of Over 80 US Municipalities due to the Misconfigured Amazon S3 Bucket. This happened...

Formbook malware Upgraded as an XLoader malware to Attack macOS Systems

Researchers have spotted an upgraded malware variant of Formbook malware which is now Upgraded as an XLoader malware to Attack macOS Systems. Cybersecurity researchers on...

Millions of HP, Samsung, Xerox Printers are Vulnerable to 16 year old bug

A 16-year-old security vulnerability affects Millions of HP, Samsung, Xerox Printers Driver allows attackers to gain admin rights on systems using the vulnerable driver...

MosaicLoader malware targets cracked software via SEO poisoning

New MosaicLoader malware targets users that are searching to download cracked software. Cybercriminals run ad campaigns in search engine results to boost their malicious...

More Articles Like This