Slashdot Mirror

← Back to Stories (view on slashdot.org)

Majority of Mobile Malware Now Reliant On Toll Fraud

Posted by timothy on from the reverse-the-charges-operator dept.

CowboyRobot writes "Spyware is no longer the primary concern with unwanted software on mobile devices. According to mobile security firm Lookout, most mobile malware performs 'toll fraud' — billing victims using premium SMS services. The problem is very geographically-dependent, worst in areas with weak SMS regulation, particularly China, Ukraine, and Russia, where users are 10,000 times more likely to have malware on their phones than users in Japan, for example. Other risks include mobile ads surreptitiously uploading personal data, as well as apps that download other malware without users knowing. The full report is available."

14 of 39 comments (clear)

  1. But... by Anonymous Coward · · Score: 5, Funny

    But... But... You cant have regulations, you have to let the Free Market....

    Thank god i live in a socialist hellhole where when this crap started to spring up it got massively stomped on by regulating the crap out of it.

    1. Re:But... by dinfinity · · Score: 4, Interesting

      Looking at Europe, policies indeed seem to influence matters significantly: https://www.mylookout.com/_gfx/page-images/state-mobile-security/likelihood-heat-map.jpg

      I'm not sure whether France and Norway are particularly lax in their SMS regulation, but it could be.

    2. Re:But... by Hazel+Bergeron · · Score: 4, Funny

      But.l. but... look at the infection rate in Somalia!

      As usual, the free market wins. I'm moving there tomorrow.

    3. Re:But... by Viol8 · · Score: 2, Insightful

      Dumb yank. Socialist != communist.

    4. Re:But... by Anonymous Coward · · Score: 2, Informative

      The Netherlands is in comparison pretty socialist, and it has a below average infection of malware, and you can smoke pot legally, and it has an above average IQ of 102!

      (source for last statement: http://www.sq.4mg.com/NationIQ.htm )

      Woo!

  2. Re:Slashdot rss feed broken by Anonymous Coward · · Score: 4, Funny

    stuck at "It's Easy To Steal Identities (Of Corporations)"

    try lifting the lid and blowing on it, then jiggle the cable... and if that doesn't work, give it a few good knocks on the side

  3. Why do we even need a system for premium rate SMS? by PSVMOrnot · · Score: 5, Insightful

    Seriously, why do we even need a system which lets people charge arbitrary ammounts via SMS? It's insecure, ripe for abuse and open to fraud. I don't think I have ever seen it used for a beneficial purpose, except perhaps for charity donations which could just as easily be done via another system.

    So, why not just shut the thing down? Or, heck just limit it to registered charities; it's not like anyone else uses it but those who prey on the weak (rip off custom ringtone companies, horoscope peddlers and malware)

  4. Only prepaid SIM cards for me... by Anonymous Coward · · Score: 5, Interesting

    I'm working as a programmer since nearly 20 years and I just love technology. I use Linux as a desktop since the early days of Slackware, back when it took quite a leap of faith.

    My cellphone? An iPhone... With a prepaid SIM card!

    That way I'm sure that: a) I'll spend way less than any "plan" (master plan one could say ; ) any operator could come up with and b) no malware / premium SMS service / crazy app/site eating my 3G bandwith can never "eat" more than the data limit available on my prepaid card.

  5. Re:Why do we even need a system for premium rate S by windviewer · · Score: 3, Insightful

    It would be reasonable to expect a means by which the consumer could opt out of premium SMS services (all of them) similar to having call blocks for long distance, 900 calls, etc. on your home phone. Even better, the default would off, and you would have to UNBLOCK the ability by contacting your telco. Alas, this would never be provided voluntarily by a telco without regulation...

  6. Re:Why do we even need a system for premium rate S by Anonymous Coward · · Score: 2, Informative

    Actually I use it for quite a few things.

    -) Paying parking fees. You just send a text with the amount if time you want to book and you can extend it without going to your car too. Getting the parking fee coupons on paper is a major PITA, you can only buy them in

    -) Paying for the washing mashine at my student dorm.

    You can also:

    -) Buy tickets for public transport.

    So it is quite usefull and I have not heard of any abuse using malware in my country. It only works for national numbers and therefore any fraud could be quickly prosecuted.

  7. Re:Why do we even need a system for premium rate S by berashith · · Score: 3, Interesting

    you would think this is a reasonable request. My wife had a twenty dollar charge on a tmobile account, and they said that she had used "premium" network services. She had to pay that time, and went through every formal protest that she could just to record that it wasnt her and we would not pay twice. All of the texting plans outside of pure data ( g-chat, g-voice, email , etc) had already been disabled. 2 months later it happened again.We had to fight tooth and nail to get them to remove the charge, and then they ended up forgetting the promise to undo the charge and said it was our responsibility to have the charges removed by the vendor... completely ignoring the fact that as no service was purchased, there was no vendor to speak with. They also tried to say that anyone with the phone's email address could place charges to the number , and the tmobile would just pass through the charges. We knew this was obvious bullshit, and got the guy to bac down on that one. Hours later they finally realised that this is their issue, and that they were about to lose customers, so they gave the cash back " within 90 days".

  8. Re:Why do we even need a system for premium rate S by xaxa · · Score: 3, Interesting

    It has some uses (see other replies), and it's OK if you have strong regulation of the service providers.

    Example here, which was news here last week:

    A malware attack targeted at 18 countries that cost unsuspecting users £15 every time they tried to open a ‘free’ app has been cut off by PhonepayPlus, the UK’s premium rate telephone services regulator. Sanctions imposed by the regulator’s Tribunal will see all money returned to UK consumers on top of a £50,000 fine imposed on the provider of the premium rate shortcodes that enabled the apps to fraudulently charge smartphone users.

    none of this £27,850 of UK consumers’ money reached the fraudsters.

    (The apps were "free" versions of popular apps, downloaded from alternative app stores -- not the Google one -- or websites.)

  9. Off by a factor of 10. by Dean+Edmonds · · Score: 2

    The report says that devices in Japan have a 0.04% chance of being infected. If China and Russia are "10,000 times more likely" to be infected then that would give them infection rates of 400%, which seems unlikely.

    In fact the report states that the rate for Russia is 41.6% making it "only" about 1,000 times more likely than Japan.

    --

    -deane

  10. Re:Why do we even need a system for premium rate S by TheLink · · Score: 2

    They eventually gave you your cash back, but how many people would do what you did and fight them for the money?

    It's just a way of stealing lots of money from very many people. The telcos get a cut, so their bosses don't care.

    If you stole even 20 bucks from someone, they call the cops on you and you'd be in trouble, but the Telcos and their partners get away with stealing from thousands and thousands of people.

    --