How to make money with mobile malware | Graham Cluley’s blog

How to make money with mobile malware

Remember the old days of dialler Trojan horses?

Back when most of us didn’t have broadband at home, and connected to the internet via a modem, we saw a type of malware which could take advantage of the phone line plugged into the back of your PC and dial an expensive premium rate number.

In this way, criminal hackers could make money out of your infected computer – and you might know anything about it until you received an expensive telephone bill.

Dialler Trojan horses went the way of the dinosaur as consumers turned their back on modem connections and adopted broadband en masse.

But, as F-Secure’s Mikko Hypponen explained today at the Virus Bulletin conference, the threat may have returned in a different form through the use of virtual premium rate numbers.

Earlier this year I described the Terdial Trojan horse, which was distributed posing as a Windows mobile game called “3D Anti-terrorist action”, but appeared to make calls to Antarctica, Dominican Republic, Somalia and Sao Tome and Principe without the owner’s permission.

So how did it make money for the hackers?

Well, it transpires that although the Trojan did make phone calls to numbers associated with various far-flung corners of the world, the calls never made it that far.

That’s because the phone numbers were what are known as virtual numbers. It’s perfectly possible to find telephone operators on the web who will rent you premium phone number associated with, say, Antarctica, and pay you every time that a call is made.

Unlike other legitimate premium rate numbers (such as 1-900 in USA), there is no regulation preventing abuse of the virtual numbers, and the ‘owner’ of the number gets paid instantly rather than having to wait 30 days.

And your call never actually gets as far as Antarctica or North Korea. It’s stopped in your own country, but you’re still billed as though you rang that far away place.

The days of Trojan horses making money out of dial-up modem connections may be long gone, but here’s a model for money-making that mobile malware authors could certainly exploit.

Posted on September 30th, 2010 by Graham Cluley, Sophos
Filed under:
Malware, Mobile

  

Media_httpwwwsophosco_zeybj

  

Media_httpwwwsophosco_mevqi

  

  

Media_httpwwwsophosco_ytcoq

  

  

  

  

Media_httpwwwsophosco_tuygd

  

  

Media_httpwwwsophosco_odgar

  

Media_httpwwwsophosco_edhfu

New! – Download Sophos’s free iPhone app“;
document.write(AppPromo);
}
else
{

var DownloadLink= “http://www.sophos.com/products/free-tools/free-security-scans.html?utm_source=Non-campaign&utm_medium=Cross-link&utm_campaign=Blog-SS-promo”;

document.write(”

Media_httpwwwsophosco_edhfu

Free virus scan – Download a Sophos Security Scan“);

}

Related posts

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s