Posted by: Pez
« on: 16. November 2012., 10:46:45 »

Mobile Crime Doesn’t Pay–in Japan

Writing Android malware can be a lucrative business for a criminal. One can create an SMS-sending Trojan horse or a botnet client and sit back to collect the money. It can also be a very brief business, leading one directly to jail. The crooks behind Android/OneClickFraud (malware that extorts users) and Android/DougaLeaker (malware that steals and forwards user data to the attacker) recently ran afoul of Japanese laws against malware and protecting personally identifiable information.

I already paid, why doesn’t this app work?
Android/OneClickFraud is malware that pretends to be an adult entertainment app. Users fooled into downloading it expect that they’ll be able to view adult content but instead they’re presented with a request for payment. They get a pop-up every five minutes that says essentially that their payment has not yet been received.


Android/OneClickFraud displays a message saying that payment hasn’t been made.

One would expect that almost nobody would fall for such a trick, especially after already paying. It turns out that more than 200 victims actually paid the thieves to the tune of ¥21 million (approximately US$265,000). Not a bad haul for a small band of criminals. Eventually the Japanese police caught up with the group, arresting six people, including the developer of the malware.

Let’s go to the movies
We’ve previously written about Android/DougaLeaker. This malware pretends to be “the Movie” or a trailer of video games and adult films. This was a surprisingly successful social engineering tactic from the attackers. Victims hoping to view the trailers ended up getting their contacts stolen and sent to the attackers’ server.


Android/DougaLeaker pretends to offer trailers of popular games and adult entertainment.

The purpose of the malware appears to be that of collecting contact data to promote a dating site. Viral marketing and asking customers to voluntarily send emails to all of their friends promoting your site is acceptable and legal, but using a Trojan to steal their contact lists gets you jail time.

It’s interesting that the people in charge of the dating company outsourced the development of the malware. Similar to trends in legitimate mobile development, criminals are also going to third parties when they don’t have the mobile development expertise in house. Although this means more work for third-party mobile developers, they should realize that they get the same punishment as the people who hired them.

A positive sign
It’s good to know that the authorities are going after the villains behind mobile malware. The work of Japanese law enforcement in finding and prosecuting the people behind these mobile threats is commendable. Although this is a good start, it’s unlikely that we’ll see all mobile malware disappear. We still see a majority of new malware coming from unregulated third-party app markets and from servers offering drive-by downloads of malware. As long as criminals can make a profit from mobile botnets and malware that can buy apps without user permission, it may be some time before we see a slowdown in such attacks.



Original article: Wednesday, November 14, 2012 at 4:01pm by Jimmy Shah
