SMS Malware Served on Google Play Installed by up to 1.2 Million Users

SMS Trojan uploaded to Google Play. Removed on January 13, 2014

Researchers from Panda Security have come across a total of five malicious applications designed to subscribe the owners of infected devices to paid mobile services. The worst part is that all of the apps have been uploaded to Google Play.

The apps in question appear to target Spanish-speaking users. They’re called something like Peinados Fáciles (Easy Hairdos), Dietas para Reducir el Abdomen (Abs Diets), Rutinas Ejercicios para el Gym (Workout Routines) and Cupcakes Recetas (Cupcake Recipes).

Once they infect a device, they wait for the user to open WhatsApp. The malware is designed to steal the victim’s phone number from WhatsApp and uses it to sign up for premium SMS subscription services.

At first sight, the apps seem harmless. They display tips on the various topics to avoid raising any suspicion.

Experts say that each of them has been downloaded between 50,000 and 100,000 times. This means that between 300,000 and 1.2 million users could have installed them.

“The truth is that fraudsters are making insane amounts of money from these premium services. A conservative estimate of, let’s say, €20 paid by each user would result in a huge sum of 6 to 24 million euros stolen from victims,” noted Luis Corrons, technical director of PandaLabs.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s