A large fraudulent campaign involving 151 Android apps subscribes mobile device owners to paid services without their knowledge. In total, these apps have been downloaded over 10 million times.
The experts of the antivirus company Avast drew attention to the activity of the scammers; they also named it “UltimaSMS”. Also, experts notified Google about malicious applications posted in the official Play Store.
Despite the fact that Google promptly removed all suspicious software, scammers managed to earn millions of dollars through paid subscriptions and gullible users.
As we noted above, 151 malicious applications were used in the scheme. The cybercriminals disguised these programs as games, third-party keyboards, QR code scanners, photo and video editors, spam call blockers, camera filters, and much more.
As soon as the software got to the victim’s device, it immediately intercepted data such as location, IMEI, language of the operating system. To access the functions of the application, they were prompted to enter a phone number and an email address.
Having received a phone number and all the necessary rights in the OS, the malware subscribed the user to a paid SMS service, for which the victim was charged $ 40 every month. The scammers themselves acted here as a partner of the affiliated network.
Avast analysis showed that the developers of the fraudulent applications used a system that writes out the highest possible bills to victims based on geolocation.
Catch up on more stories here
Follow us on Facebook here