UK regulator shuts down Angry Birds scam

Victims of fake apps will have £15 charge refunded by PhonepayPlus.

Angry Birds in space

Regulators have moved to block a scam that charged users of Android phones 15 each time they opened fake versions of popular apps.

The malware attack, known as RuFraud, hid malicious code in fake versions of popular apps, including Angry Birds, Cut the Rope and Assassins Creed. The fake apps were posted to Android app stores, and hid code that charged users via a premium rate SMS. Most users were defrauded by being charged for three 5 messages each time they opened an app.

However, industry regulator PhonepayPlus, working with anti-malware companies, was able to suspend the text message "shortcode" used by the app, and block any funds from reaching its operator.

In the UK, the RuFraud attack affected 1,391 mobile numbers and 27,850 was taken before PhonepayPlus suspended the shortcode. However, none of this money reached the app developers and will now be refunded.

PhonepayPlus acted against A1 Agregator Limited, which controlled the shortcode, and has fined the company 50,000. The company will also have to make refunds to consumers charged for the apps within three months, whether or not they complain.

The malware was sophisticated enough to suppress sent and received SMS traffic, so the first users knew about the fraudulent charges was when they received their bills.

"We will continue to clamp down on those who wish to take advantage of UK smartphone customers," warned Patrick Guthrie, PhonepayPlus' Director of Strategy and Communications.

"Mobile apps are a powerful malware delivery technique as most users are willing to allow apps to do anything to get the desired functionality [on their phones]," said Carl Leonard, senior security research manager for EMEA, at IT security firm Websense. "Cyber criminals are beginning to use these malicious apps not only to make a quick buck but to also steal valuable data."

Featured Resources

Defeating ransomware with unified security from WatchGuard

How SMBs can defend against the onslaught of ransomware attacks

Free download

The IT expert’s guide to AI and content management

How artificial intelligence and machine learning could be critical to your business

Free download

The path to CX excellence

Four stages to thrive in the experience economy

Free download

Becoming an experience-based business

Your blueprint for a strong digital foundation

Free download

Recommended

New malware uses search engine ads to target pirate gamers
malware

New malware uses search engine ads to target pirate gamers

21 Jul 2021
HackBoss malware is using Telegram to steal cryptocurrency from other hackers
cryptocurrencies

HackBoss malware is using Telegram to steal cryptocurrency from other hackers

16 Apr 2021

Most Popular

What are the pros and cons of AI?
machine learning

What are the pros and cons of AI?

8 Sep 2021
BT conducts 'world's first' trial of quantum-secure communications
Network & Internet

BT conducts 'world's first' trial of quantum-secure communications

13 Sep 2021
Google takes down map showing homes of 111,000 Guntrader customers
data breaches

Google takes down map showing homes of 111,000 Guntrader customers

2 Sep 2021