What is Toll Fraud malware, how does it attack digital wallets and how to protect yourself – Technology News, Firstpost
PF explainers | Jul 06, 2022 1:10:14 PM IST
Microsoft recently published a blog post warning Android users about a new piece of malware in circulation, called the Toll Fraud malware. Microsoft's concern is that this malware can drain the payment wallets on infected devices and can also drain your bank accounts.
Microsoft researchers Dimitrios Valsamaras and Sang Shin Jung have detailed the continued evolution of “phone fraud malware” and how it attacks Android devices.
The malware belongs to the billing fraud subcategory “in which malicious apps sign up users for premium services without their knowledge or consent” and “is one of the most common types of Android malware.”
According to a Google transparency report, most installations of this malware are in India, Russia, Mexico, Indonesia, and Turkey.
How does Toll Fraud Malware work?
The malware disconnects your device from WiFi so that the device works only on the cellular network. It then makes use of WAP, the Wireless Application Protocol.
WAP normally allows consumers to subscribe to paid content and have the charge added to their phone bill. Once it hijacks the WAP, the malware starts subscribing to premium services while intercepting one-time passwords (OTPs) that a legitimate service provider may have sent you to verify your identity.
These text messages are then forwarded to a database, which hackers and malicious actors can use to hack into various accounts you have, even your bank accounts.
Toll Fraud malware is one of the oldest kinds of malware in existence and has been around since the days of dial-up internet. However, over the decades it has evolved into something very sophisticated.
The current version of the malware is able to evade detection and can reach a high number of installations before a single variant can be removed. It uses dynamic code loading, which makes it difficult for real mobile security solutions and antivirus software to detect the threat.
It also removes SMS notifications and app notifications from dedicated wallets and banks. This way, by the time a user learns that their device has been infected, it is very late.
How do Android devices get infected with Toll Fraud malware?
Not all apps in the Play Store are legit. Most free antivirus, file manager, beauty filter and wallpaper apps contain some kind of built-in malware.
The biggest red flag these apps throw up is asking for weird permissions. For example, a camera application asking for permission to send or read SMS does not make sense. Likewise, a wallpaper app asking for permission to read and monitor notifications doesn’t make sense. People are often unaware of the type of permissions requested by certain apps.
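The permission red flags described above can be checked mechanically. The following is an added example, not code from Microsoft or from this article: it reads a decoded (text) AndroidManifest.xml and flags the standard Android permissions that correspond to the behaviours described here (forcing cellular data, reading OTP messages, hiding notifications). The choice of permissions, the verdict rule and the sample manifest are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
# Permission -> behaviour from this article that it enables (mapping is an assumption).
RISKY = {
    "android.permission.CHANGE_WIFI_STATE": "can switch Wi-Fi off to force cellular data",
    "android.permission.SEND_SMS": "can send SMS",
    "android.permission.READ_SMS": "can read SMS, including OTPs",
    "android.permission.RECEIVE_SMS": "can intercept incoming SMS, including OTPs",
    "android.permission.BIND_NOTIFICATION_LISTENER_SERVICE": "can read and dismiss notifications",
}

def audit_manifest(manifest_xml):
    """Return {permission: reason} for risky permissions in a decoded manifest."""
    root = ET.fromstring(manifest_xml)
    found = {}
    for node in root.iter("uses-permission"):
        name = node.get(ANDROID_NS + "name")
        if name in RISKY:
            found[name] = RISKY[name]
    # A notification listener is declared on a <service>, not via <uses-permission>.
    for svc in root.iter("service"):
        perm = svc.get(ANDROID_NS + "permission")
        if perm in RISKY:
            found[perm] = RISKY[perm]
    return found

def verdict(found):
    """'review' when SMS access is combined with Wi-Fi or notification control."""
    sms = any(p.endswith("_SMS") for p in found)
    wifi = "android.permission.CHANGE_WIFI_STATE" in found
    notif = "android.permission.BIND_NOTIFICATION_LISTENER_SERVICE" in found
    if sms and (wifi or notif):
        return "review"
    return "caution" if found else "ok"

# Constructed sample: manifest of a hypothetical wallpaper app.
SAMPLE = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.wallpaper">
  <uses-permission android:name="android.permission.SET_WALLPAPER"/>
  <uses-permission android:name="android.permission.RECEIVE_SMS"/>
  <uses-permission android:name="android.permission.CHANGE_WIFI_STATE"/>
  <application>
    <service android:name=".Listener" android:permission="android.permission.BIND_NOTIFICATION_LISTENER_SERVICE"/>
  </application>
</manifest>"""

if __name__ == "__main__":
    print(verdict(audit_manifest(SAMPLE)))
```

A "review" verdict is a prompt to look closer, not proof of malware: some legitimate apps need these permissions, which is why the check should be weighed against what the app claims to do.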
How to protect yourself from Toll Fraud malware?
Users should be very careful about the apps they download, even if they do so through the Play Store. Also avoid downloading apps.
Avoid installing applications that request excessive permissions that they do not need for what they do. Also, avoid apps that have user interfaces or icons similar to those of legitimate apps.
Keep an eye out for developer profiles that look fake or have bad grammar, and for apps that have a slew of bad reviews.