We often talk about malware in the mobile space, and most reports out there usually paint Google’s mobile OS as an easier target for individuals that want to take advantage of security flaws in mobile devices to make money off of unsuspecting smartphone and tablet users.
The following story is no different, although it’s not exactly known how many Android users were affected by the malware apps that we’re going to talk about.
A French 20-year-old hacker from Amiens has been arrested for collecting around 500,000 Euros from 17,000 “clients” in under two years.
The hacker, who didn’t have any formal training but who was “described by prosecutors as extremely smart,” designed apps that looked like original apps from other developers and then offered them for download free of charge.
Once downloaded, the malware apps would send SMS text messages in the background to a number set up by the hacker without the owner of the phone knowing what was happening. He also obtained via the same apps sign in credentials for gaming and gambling sites used by the victims.
While the BBC article that details the story doesn’t offer details on what mobile operating sytems were more prone to such attacks, it does say that “smartphones that use Google software were the most susceptible.”
His motivation wasn’t apparently pure greed though,”but rather a love of computers and an ambition to be a software developer.”
We have recently learned that Android 4.2 may include additional security features that would stop such malware apps from sending text messages to premium numbers, or at least warn the user that such an SMS message is about to be sent. However, not all Android devices will be updated to Android 4.2, which means that hackers like this guy in Amiens, France, will be still able to target the Android ecosystem with similar malicious apps.
Have you been the victim of such malware apps?