UK mobile phone authorities have shut down a malware attack that was targeting Android phones and cost UK users nearly £30,000.

The malware was hidden within fake versions of popular Android games such as Angry Birds, Assassin’s Creed and Cut the Rope, which were then uploaded to the Android app store.

These apps would then send a premium rate SMS message when the app was opened, costing the unsuspecting user £15 a go. The malware was also capable of hiding the messages from the phone’s sent folder, meaning many users only became aware of the charges when they received their bill.

PhonepayPlus, the UK body that regulates premium rate phone numbers and services, said around 14,000 downloads of the malicious apps were made worldwide. In the UK it infected 1,391 mobile numbers, resulting in £27,850 being taken from users before the scam was discovered and shut down.

However, PhonepayPlus says it was able to ensure no money reached the company behind the attack, and all the victims will get their money back.

The malicious apps were part of the RuFraud scam, which Google cleared from the Android store in December 2011.

PhonepayPlus says it has taken action against A1 Agregator Limited, the company behind the scam. The company has been fined £50,000 and ordered to refund all consumers within three months. It will also have to check in with PhonepayPlus for a year if it wants to run any premium rate service in the UK.

"We will continue to clamp down on those who wish to take advantage of UK smartphone customers," said Patrick Guthrie, PhonepayPlus’ director of strategy and communications. "The digital economy is vital to the UK’s future and we will continue to take action to maintain the confidence of the public."

David Emm, security researcher at Kaspersky Lab, said there has been a startling increase in Android malware recently.

"The mobile threat landscape is dominated by malware designed to run on Android – 65% of all threats are aimed at this platform," he said. "The platform is popular, it’s easy to write apps for it and it’s easy to distribute them via Google Play – so it’s little wonder that cybercriminals are making use of Google Play, where malware masquerades as a legitimate app."

"Everyone should be cautious when downloading apps. Clearly it’s safer to download apps from a trusted site like Google Play. But you should still pay close attention to the permissions requested by an app when you install it. If it asks for permission to send/receive messages, but this doesn’t match the functionality of the app, don’t install it," he added.

A recent report by security firm McAfee found that threats on the Android system had increased 1,200% in the first three months of this year compared to the last three months of 2011.

At the end of last year it was claimed that malicious apps could have stolen at least $1m from Android users, mostly from premium-rate SMS Trojans.

Further reading:

Android becomes mobile malware target of choice

Lax Android security means 2012 will be year of mobile malware

Dodgy apps steal $1m from Android users: report

Google cleans up malicious Android Market apps