A new menace is wreaking havoc on smartphones across the world, with over 40% of attacks apparently taking place in India alone. Dubbed Xafecopy Trojan, the malware steals money by taking advantage of Wireless Application Protocol (WAP) billing.
Security firm Kaspersky discussed Xafecopy in a report it issued out recently, claiming that the malware can embezzle cash from a victims mobile account without their knowledge. It starts out by disguising itself as an app like BatteryMaster, but secretly downloads malicious code onto the target phone.
Once the app is in use, Xafecopy has free rein to click on websites with WAP billing, a type of online payment which directly charges costs to a person’s mobile bill. It can then subscribe the handset to any number of services since there’s no debit card, credit card, or user name/password to deal with.
Also Read: Over 36.5 million Android users infected by Judy malware
Xafecopy is apparently even capable of bypassing captcha systems which are in place to determine whether a person is human or not. It’s currently targeting nations where WAP billing is popular including India, Russia, Mexico, and Turkey. All-in-all, 4800 users spread across 47 countries have been hit in a month’s time.
Worryingly enough, Kaspersky states that such WAP billing manipulations are on the rise. The malware itself has been caught with different modifications. For instance, it can delete incoming messages to hide alerts from operators warning victims about the theft and send texts to premium-rate phone numbers.
Kaspersky is now warning Android users to be cautious about the kind of apps they download, particularly third-party ones. It’s also advising them to scan their applications locally with Verify Apps and download a mobile security suite.