UK regulator shuts down Angry Birds scam
Victims of fake apps will have £15 charge refunded by PhonepayPlus.
Regulators have moved to block a scam that charged users of Android phones 15 each time they opened fake versions of popular apps.
The malware attack, known as RuFraud, hid malicious code in fake versions of popular apps, including Angry Birds, Cut the Rope and Assassins Creed. The fake apps were posted to Android app stores, and hid code that charged users via a premium rate SMS. Most users were defrauded by being charged for three 5 messages each time they opened an app.
However, industry regulator PhonepayPlus, working with anti-malware companies, was able to suspend the text message "shortcode" used by the app, and block any funds from reaching its operator.
In the UK, the RuFraud attack affected 1,391 mobile numbers and 27,850 was taken before PhonepayPlus suspended the shortcode. However, none of this money reached the app developers and will now be refunded.
PhonepayPlus acted against A1 Agregator Limited, which controlled the shortcode, and has fined the company 50,000. The company will also have to make refunds to consumers charged for the apps within three months, whether or not they complain.
The malware was sophisticated enough to suppress sent and received SMS traffic, so the first users knew about the fraudulent charges was when they received their bills.
"We will continue to clamp down on those who wish to take advantage of UK smartphone customers," warned Patrick Guthrie, PhonepayPlus' Director of Strategy and Communications.
"Mobile apps are a powerful malware delivery technique as most users are willing to allow apps to do anything to get the desired functionality [on their phones]," said Carl Leonard, senior security research manager for EMEA, at IT security firm Websense. "Cyber criminals are beginning to use these malicious apps not only to make a quick buck but to also steal valuable data."
BCDR buyer's guide for MSPs
How to choose a business continuity and disaster recovery solutionDownload now
The definitive guide to IT security
Protecting your MSP and your customersDownload now
Cost of a data breach report 2020
Find out what factors help mitigate breach costsDownload now
The complete guide to changing your phone system provider
Optimise your phone system for better business resultsDownload now