You must beware! This Android malware can automatically subscribe to premium services by stealing your OTP


Indeed, this Android malware forces subscriptions on your account, which are then added to your telecom operator’s monthly billing cycle. This causes you to face exorbitant fees on your account, which you are then required to pay since transactions are technically allowed through your account only.

How the Android Malware Flaw Works

As described by Microsoft, the toll fraud malware violates the Wireless Application Protocol (WAP) via certain cellular networks, which is why the first step for these applications is to disable the Wi-Fi network on the a target user’s phone – or waiting for them to do so. be within cellular network coverage.

Once in cellular coverage, the malware enforces a premium account subscription in the background, unbeknownst to the user. It then uses dynamic code loading, which executes web commands based on automatic instructions through an application, and navigates to the payment page of a subscription that you have not voluntarily chosen.

On its payment page, the malware allows payment for a subscription through your cellular network and also intercepts and hides the one-time password that you may receive from your notification panel. It also uses elevated system privileges to access this password and enter it on your subscription page to then charge it on your network operator’s overall bill.

Microsoft notes that these scams are widely distributed outside of the Google Play Store since the latter’s policies include restrictions for apps with dynamic code loading – which are thus unable to execute automatic commands.

Therefore, beware of apps you download outside the Google Play Store, as they can often include malware that can lead to the loss of sensitive data and money, all without your knowledge or approval.


Comments are closed.