There’s been a lot in the news about malware lately. From target-specific malware to viruses that attack almost everything, it’s hard to ignore the impending malware threat. The latest attack came in the form of a premium rate Trojan. The Trojan, called Android.Dropdialer was present in Google Play for more than two weeks before security company Semantec noticed the Trojan. The Android Trojan was hidden inside of two apps include a Super Mario Brothers wallpaper app and a GTA 3 Moscow City app. When Google was notified, the two apps in question were taken off of the Google Play website.
Symantec estimates that each app was downloaded roughly 50 to 100 times per app. While seemingly large, this amount of downloads is actually on the small side, which has led Symantec and Google to classify the Trojan as “low risk.” The vast majority of these downloads were traced to Eastern Europe where users download apps and are immediately billed for these apps. This is in contrast to carriers in the U.S. and Canada that bill users at the end of each month for a month’s worth of app downloads.
How Trojans Like Android.Dropdialer Work
Trojans like the one detected on Google Play by Semantec are not uncommon, but these threats are less common throughout North America. All the same, a Trojan of this sort could infect your device if you pay per app download. In order to operate, the Trojan hides inside of a popular app, like the Super Mario Brothers wallpaper app (popular throughout Eastern Europe). Once downloaded, the Trojan then sends covert messages to a premium rate telephone number from a victim’s cellphone. This, in turn, would result in a very high phone bill for the victim.
After the Trojan had successfully installed itself and dialed a premium number, the threat would then uninstall itself and disappear, leaving victims without any real evidence. Those on the other end of the collection bargain would be sent the amount of money charged to a victim from the premium number, and the Trojan scam would continue. Right now, thousands of people in Eastern Europe are paying for premium rate phone calls that they never made.
Detecting and Preventing A Trojan of This Kind
In order to make sure that nothing strange is happening with your cellphone bill, be sure to look at that bill every single day. Even if you are billed at the end of the month, you should be able to obtain a list of the downloads you’ve made – Apple sends users a list of these downloads as soon as an app has been downloaded. If you see any kind of a download that looks suspicious or if your credit card has been charged for a number that you didn’t call, you might have fallen prey to a premium rate Trojan.
As mentioned, Google has dealt with the current Trojan threat and North Americans probably won’t be affected. But, if you happen to live in Eastern Europe and you’re reading this article, be sure to send proof of the Trojan’s existence (you can find lots about it on the net in addition to this article) to your cellphone carrier. Even though the Trojan may uninstall itself, you are not responsible for a high cell bill or defenseless.