Android malware subscribes you to premium services without you knowing

Ro, 02 July 2022

Microsoft's 365 Defender Team says there's a growing popularity of malware that can subscribe you to a premium service without your knowledge. The attack is quite elaborate, though, and there are quite a few steps that the malware has to execute.

For starters, the apps harboring the malware are usually classified as "toll frauds" and use "dynamic code loading" to carry out the attack. In short, the malware subscribes you to a premium service using your telecom monthly bill. You are then forced to pay.

Android malware subscribes you to premium services without you knowing

The malware only works by exploiting the so-called WAP (wireless application protocol) used by cellular networks. That's why some forms of the malware disable your Wi-Fi or just wait for you to go outside of Wi-Fi coverage. This is where the aforementioned dynamic code loading comes into play. The malicious software then subscribes you to a service in the background, reads an OTP (one-time password) you may receive before subscribing, fills out the OTP field on your behalf and also hides the notification to cover its tracks.

The good news is that the malware is largely distributed outside of Google Play because Google restricts the use of dynamic code loading by apps. So be careful out there and avoid side-loading Android apps.



Reader comments

  • Sin
  • 14 Aug 2023
  • HCj

It's Google malware I think although I do think Google has a point when it come down too internet security the Google app store isn't the only app store with built in security and banking I do trust Google up too a point however Google...

  • Adul Al Salami Kebab
  • 07 Jul 2022
  • gx%

If Google just let me easy swap region for apps I would not need to do it...

I do that, too. I back up its data. Delete the app. Install the older version. And finally restore the app's data. Voila!

Popular articles


Popular devices

Electric Vehicles