UK regulator shuts down Angry Birds scam

Victims of fake apps will have £15 charge refunded by PhonepayPlus.

Angry Birds in space

Regulators have moved to block a scam that charged users of Android phones 15 each time they opened fake versions of popular apps.

The malware attack, known as RuFraud, hid malicious code in fake versions of popular apps, including Angry Birds, Cut the Rope and Assassins Creed. The fake apps were posted to Android app stores, and hid code that charged users via a premium rate SMS. Most users were defrauded by being charged for three 5 messages each time they opened an app.

However, industry regulator PhonepayPlus, working with anti-malware companies, was able to suspend the text message "shortcode" used by the app, and block any funds from reaching its operator.

In the UK, the RuFraud attack affected 1,391 mobile numbers and 27,850 was taken before PhonepayPlus suspended the shortcode. However, none of this money reached the app developers and will now be refunded.

PhonepayPlus acted against A1 Agregator Limited, which controlled the shortcode, and has fined the company 50,000. The company will also have to make refunds to consumers charged for the apps within three months, whether or not they complain.

The malware was sophisticated enough to suppress sent and received SMS traffic, so the first users knew about the fraudulent charges was when they received their bills.

"We will continue to clamp down on those who wish to take advantage of UK smartphone customers," warned Patrick Guthrie, PhonepayPlus' Director of Strategy and Communications.

"Mobile apps are a powerful malware delivery technique as most users are willing to allow apps to do anything to get the desired functionality [on their phones]," said Carl Leonard, senior security research manager for EMEA, at IT security firm Websense. "Cyber criminals are beginning to use these malicious apps not only to make a quick buck but to also steal valuable data."

Featured Resources

BCDR buyer's guide for MSPs

How to choose a business continuity and disaster recovery solution

Download now

The definitive guide to IT security

Protecting your MSP and your customers

Download now

Cost of a data breach report 2020

Find out what factors help mitigate breach costs

Download now

The complete guide to changing your phone system provider

Optimise your phone system for better business results

Download now

Recommended

HackBoss malware is using Telegram to steal cryptocurrency from other hackers
cryptocurrencies

HackBoss malware is using Telegram to steal cryptocurrency from other hackers

16 Apr 2021
Data breach exposes widespread fake reviews on Amazon
data breaches

Data breach exposes widespread fake reviews on Amazon

7 May 2021
TsuNAME vulnerability could enable DDoS attacks on major DNS servers
distributed denial of service (DDOS)

TsuNAME vulnerability could enable DDoS attacks on major DNS servers

7 May 2021
What are SSH keys?
cyber security

What are SSH keys?

7 May 2021

Most Popular

KPMG offers staff 'four-day fortnight' in hybrid work plans
flexible working

KPMG offers staff 'four-day fortnight' in hybrid work plans

6 May 2021
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

29 Apr 2021
How to move Windows 10 from your old hard drive to SSD
operating systems

How to move Windows 10 from your old hard drive to SSD

30 Apr 2021