Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Researchers are tracking a pay-per-install scheme being marketed through a Russian web forum where criminals are recruited to load malware on Android devices in return for payment.
The mainly Russian victims primarily downloaded malware through bogus apps that appeared to be legitimate.
After the app was installed, malware forced the infected device to send out SMS messages to premium-rate numbers owned by the attackers who were paid for receiving the texts.
The crooks earnt a significantly higher fee than those who participate in pay-per-install rings targeting Windows PCs, researchers at security firm ESET said.
ESET security intelligence program manager Pierre-Marc Bureau said the fraudsters made between $2 and $5 per installation -- 10 times more than similar Windows malware installations.
“In my experience, it is the first time we've seen such an organised group targeting Android devices, but I wouldn't be surprised if there were others,” Bureau told SC.
ESET researchers spotted the threat in May after discovering a Russian web forum which began operating in late 2011 with the specific purpose of supporting the Android pay-per-install scheme.
“We are still working with different sources to shut down the forum, but right now it's still active, so we prefer to keep the name private,” Bureau said.
“It's really a forum they set up for the only purpose of trading and selling infections for Android devices. These guys are quite sophisticated. For instance, if someone is willing to buy the infections, they are building their own [customer service] tools to relay information.”
A Google spokeswoman declined comment. In many cases, malicious mobile apps foisted by attackers were distributed through third-party marketplaces.
This article originally appeared at scmagazineus.com
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.