News

Industries

Companies

Jobs

Events

People

Video

Audio

Galleries

My Biz

Submit content

My Account

Advertise with us

New malware downloads paid apps without user's knowledge

Experts at G Data Security Labs have discovered a new type of Android malware that downloads paid apps without the knowledge of the smartphone or tablet user. The malware is hidden in fake GO Weather, Travel Sky or E-Strong File Explorer apps and is being distributed through various Chinese websites and third-party provider app marketplaces.
New malware downloads paid apps without user's knowledge

At the moment, the perpetrators are targeting customers of the world's largest mobile provider, China Mobile. The Trojan gains access to the mobile provider's app store and can then download and install additional malware or paid apps. G Data Security Labs thinks it might spread to the rest of the world.

Access to app store

Online criminals have been using the Android malware MMarketPay.A as a new way of making money from e-crime. Previously, malware writers had been focusing on the theft of personal data, spy attacks and sending premium-rate SMSes. Now they have managed to gain access to a mobile provider's app store for the first time. To do this, the malware changes the mobile device's access point name (APN) and connects to China Mobile.

Access points on tablets and smartphones are usually used by mobile providers to provide system up-dates, for example. Here, the Trojan intercepts the confirmation message and provides a response via a special server. The malware can thus access China Mobile's app store without logging in, then purchase and install any apps at the victim's expense at any time.

Let's do Biz