Security News > 2022 > July > Microsoft Warns About Evolving Capabilities of Toll Fraud Android Malware Apps
Microsoft has detailed the evolving capabilities of toll fraud malware apps on Android, pointing out its "Complex multi-step attack flow" and an improved mechanism to evade security analysis.
Toll fraud belongs to a category of billing fraud wherein malicious mobile applications come with hidden subscription fees, roping in unsuspecting users to premium content without their knowledge or consent.
"In the case of toll fraud, the malware performs the subscription on behalf of the user in a way that the overall process isn't perceivable," the researchers said.
Toll fraud malware is also known to cloak its malicious behavior by means of dynamic code loading, a feature in Android that allows apps to pull additional modules from a remote server during runtime, making it ripe for abuse by malicious actors.
With an install rate of 0.022%, toll fraud apps accounted for 34.8% of all PHAs installed from the Android app marketplace in the first quarter 2022, ranking below spyware.
To mitigate the threat of toll fraud malware, it's recommended that users install applications only from the Google Play Store or other trusted sources, avoid granting excessive permissions to apps, and consider upgrading to a new device should it stop receiving software updates.
News URL
https://thehackernews.com/2022/07/microsoft-warns-about-evolving.html
Related news
- SuperCard X Android Malware Enables Contactless ATM and PoS Fraud via NFC Relay Attacks (source)
- Fake Microsoft Office add-in tools push malware via SourceForge (source)
- SpyNote, BadBazaar, MOONSHINE Malware Target Android and iOS Users via Fake Apps (source)
- New Android malware steals your credit cards for NFC relay attacks (source)
- Russian army targeted by new Android malware hidden in mapping app (source)