A security company has a form of Android malware was discovered in which an app is the phone number of the user steals from WhatsApp in order to subscribe to premium sms services. The malware is between 300,000 and 1.2 million downloads.
The malware was, according to Panda Security, hidden in apps in Google’s Play Store with more cupcakerecepten and calorie counters, diet tips, and seemed, therefore, specifically aimed at women. The apps gave a window with a big Accept button, then a window with unreadable terms and conditions. In which conditions was that the user agrees to a subscription to a premium sms service.
That premium sms service sent an sms text to confirm the subscription, but the app stopped that, took out the pin from the text message, confirming the subscription to the service site. All of that happened in the background, without the user could see anything.
The apps got the phone number of the user from the sim card, but from the chat app WhatsApp. Thus did the app not have access to beldiensten. The malware is downloaded by between 300,000 and 1.2 million people, presumably mostly Spanish-speaking Android users. That the apps in Play Store appeared, presumably because they have little pull of until now-appeared malware. The apps are indeed demanding permission for the closure of the subscription to sms services. The apps aroused little suspicion because they are hundreds to thousands of reviews with an average of four stars. Google has the apps already removed.
Although a lot of malware is aimed at Android, the threats are often out of apps not in Google Play Store appear. Often is malware in apps, for example file-sharing sites which users think that it is a cracked version of a paid app. A lot of malware is in the apps for alternative downloadwinkels. Google checks apps with its Bouncer program on malware before they are in the Play Store. In addition, Google apps users sideload to install on malware check.
