Slashdot Mirror

← Back to Stories (view on slashdot.org)

Mobile Game Trojan Calls the South Pole

Posted by kdawson on from the if-a-penguin-answers dept.

UgLyPuNk writes with an excerpt from Gamepron.com: "Freeware games can actually cost you more money than their pay-to-play cousins, as mobile gamers in the UK have learned. A 'booby-trapped' version of a popular Windows Mobile game has been sneakily spending their money while they sleep – by dialing phone numbers in the Antarctic behind their backs."

14 of 195 comments (clear)

  1. One really has to wonder... by Lord+Artemis · · Score: 3, Insightful

    ...how they even *found* numbers in the Antarctic. It's not like you can set up a phone line down there, and I can't imagine many people would have occasion to call the Antarctic.

    --
    Air is just like fog, but it's not gray.
    1. Re:One really has to wonder... by MichaelSmith · · Score: 2, Insightful

      I don't know how UK mobile providers do it, but I had to call my cell provider (Sprint) to enable international dialing before I could dial past +1.

      My bet is that this is a US specific thing. Certainly in Australia new SIM cards can by default dial any number on Earth (and for all I know, some not on Earth). International roaming OTH is not always enabled by default and I have been bitten by this a few times.

      --
      http://michaelsmith.id.au
    2. Re:One really has to wonder... by JWSmythe · · Score: 4, Insightful

          You know, I was curious about this too. I found this page which shows there to be no phones (land lines nor cell) in the Antarctic. Wikipedia has a reference to calls being relayed over HAM radio only. They also mention that Scott Base does have a satellite relay for telephone calls. It seems they do have a country code assigned (672), so I'd suspect that someone got a number assigned, regardless of the fact that they aren't really there.

          What I don't exactly see is how they're profiting off the number. I know some long distance calls act as premium rate numbers (like dialing a 900 number in the US), where a profit can be had from the initial connection and the minutes on the maintained connection. It should be a simple matter to follow the money back to the source of the problem, and prosecute them accordingly. It's becoming rare that pranks like this are done just as pranks. There's usually a financial interest in it.

      --
      Serious? Seriousness is well above my pay grade.
  2. Re:LOL by vivian · · Score: 5, Insightful

    Crappy brain dead design strikes again.
    Why on earth are mobile phone apps even allowed to make calls in the first place, without some sort of specificaly made user authorization?

    Surely that should be something that has to be done on a per-application basis, and only after the user has allowed it by entering an authorization password to allow the app to access those parts of the phone!?
    There should also be a way to limit the number or costs of calls (per application) that is built in at the lowest possible level too.

  3. Re:LOL by FearForWings · · Score: 4, Insightful
    The simple answer is that the phone companies hope you'll be to embarrass to contest the charges.

    Simmilar examples can be found in:

    1.) Back in the good old days of dial-up, there were adult sites that would give "free" access assuming you (stupidly/unknowingly) dialed into a south-pacific island nation number that had a north American prefix, with your unlimited long distance account.*
    2.) All the cell joke and ring tone numbers you can "get for free" that are/were advertised on TV.

    *my brother found out about this the hard way

    --
    I don't know about angles, but it's fear that gives men wings. -Max Payne
  4. Re:LOL by KDR_11k · · Score: 2, Insightful

    Might be using some software bug to circumvent the prompt but yeah.

    --
    Justice is the sheep getting arrested while an impartial judge declares the vote void.
  5. Re:LOL by Anonymous Coward · · Score: 3, Insightful

    the problem is that a secure design would show a popup like:

    do you want to call this 00431341424345 number with your modem (yes/no/always allow this number) every time the modem driver engage

    instead windows 7/vista shows us a popup like:

    the application solitaire.exe requires you authorization to continue (yes/no)

    and that popup is so common that users click trough it without a second thought.

  6. Re:What to the hackers gain? by thegarbz · · Score: 4, Insightful

    This is almost triggering nostalgia. I remember the good old days where viruses were actually malicious to the system they were installed on. None of this run silently in the background bot zombie we'll use your resources if we need it to further our own gain crap.

    In the good old days a virus just wasn't a virus if it didn't format your C: on some arbitrary birthday of the writer, or nuke your master boot record, or even copy itself to the master boot record so that when you started up the computer said Suck It! Rather than displaying the Windows 3.11 loading screen. Man it sucked re-installing dos and windows from floppies.

  7. Re:OS name appropriate - WinCE by Anonymous Coward · · Score: 2, Insightful

    Nerds can enjoy the same joke over and over for periods much longer than 10 years. It means we don't need to spend a lot of money on entertainment, assuming of course that we actually did spend money on entertainment instead of pirating it. Did I mention that peg legs and eye patches ARRR still funny, too?

  8. Re:LOL by jimthehorsegod · · Score: 3, Insightful

    ... software bug ....

    Oh I hardly think that likely...

  9. Hmmm... by rindeee · · Score: 2, Insightful

    I guess that whole "Is your refrigerator running" crank would be sort of un-funny given the circumstances....

  10. Re:What to the hackers gain? by fuzzyfuzzyfungus · · Score: 4, Insightful

    Frankly, the kiddie vandal stuff was way less dangerous than the pro-level sneaky botnet crap we put up with now. Yeah, it sucked for the target(whereas, with a sufficiently powerful machine, your modern malware victim can limp along for months); but diseases virulent enough to kill their hosts swiftly don't spread as well, and don't have time to spam.

    It would be ugly, for a while; but if more modern viruses nuked their hosts, as opposed to quietly lurking and spamming, the internet would be a safer, cleaner, place today.

  11. Re:LOL by DJRumpy · · Score: 2, Insightful

    All of the 3rd party code in the App store is reviewed and no code is placed into the App store until review is complete. This sort of hack, which would have to use non-standard API's to accomplish this, is exactly what such reviews would find. Love it or hate it, it is an effective tool in finding such malware. It is not a catch all, but is an important piece.

    "You are aware that Apple don't review code before it is added to the shop right?"

  12. Why attack freeware? by Anonymous Coward · · Score: 4, Insightful

    This isn't freeware. It was a shareware version of a "pay" game that was cracked and injected with malware. Why does the summary make it look like freeware is more dangerous than pay-to-play? This is just another case where warez is more dangerous than legitimate software.