Security News > 2022 > July > Microsoft Warns About Evolving Capabilities of Toll Fraud Android Malware Apps
Microsoft has detailed the evolving capabilities of toll fraud malware apps on Android, pointing out its "Complex multi-step attack flow" and an improved mechanism to evade security analysis.
Toll fraud belongs to a category of billing fraud wherein malicious mobile applications come with hidden subscription fees, roping in unsuspecting users to premium content without their knowledge or consent.
"In the case of toll fraud, the malware performs the subscription on behalf of the user in a way that the overall process isn't perceivable," the researchers said.
Toll fraud malware is also known to cloak its malicious behavior by means of dynamic code loading, a feature in Android that allows apps to pull additional modules from a remote server during runtime, making it ripe for abuse by malicious actors.
With an install rate of 0.022%, toll fraud apps accounted for 34.8% of all PHAs installed from the Android app marketplace in the first quarter 2022, ranking below spyware.
To mitigate the threat of toll fraud malware, it's recommended that users install applications only from the Google Play Store or other trusted sources, avoid granting excessive permissions to apps, and consider upgrading to a new device should it stop receiving software updates.
News URL
https://thehackernews.com/2022/07/microsoft-warns-about-evolving.html
Related news
- Android malware uses NFC to steal money at ATMs (source)
- New NGate Android malware uses NFC chip to steal credit card data (source)
- Cybercriminals Deploy New Malware to Steal Data via Android’s Near Field Communication (NFC) (source)
- New Android Malware NGate Steals NFC Data to Clone Contactless Payment Cards (source)
- Microsoft: Exchange Online mistakenly tags emails as malware (source)
- Microsoft mistake blows up admins' inboxes with fake malware alerts (source)
- SpyAgent Android malware steals your crypto recovery phrases from images (source)
- New Android SpyAgent Malware Uses OCR to Steal Crypto Wallet Recovery Keys (source)
- Beware: New Vo1d Malware Infects 1.3 Million Android-based TV Boxes Worldwide (source)
- New Android Malware 'Ajina.Banker' Steals Financial Data and Bypasses 2FA via Telegram (source)