Copies of popular games such as Angry Birds Space and Need for Speed Most Wanted used to hijack mobile devices to send spam
The latest scam facing Android users could land them with a huge mobile phone bill Cloudmark has warned.
Fraudsters are copying free versions of popular games such as Angry Birds to turn Android phones and devices into mobile botnets warned Cloudmark. The so-called Spamsoldier attacks starts with a short SMS offering a free copy of the game, such as Angry Birds Space or Need for Speed Most Wanted. These copies are embedded with a Trojan horse.
Once downloaded the app connects with a command and control server where it can access phone lists. The infected Android device are then used to contact these numbers and send out thousands of junk text messages.
In a blog the company warned people: "You better have an unlimited message plan or your phone bill may come as a bit of a shock.
Since it was first alerted to the scam in October, when if found the hook was a free anti-spam app, Cloudmark said that the fraudsters have widened their appeal. Now mixed in with the free games, the fraudsters are sending victims' texts offering free gift cards, which are being used to gather personal data.
On such SMS reads: "You have just won a $1000 Target Gift Card but only the 1st 777 people that enter code 777 at http://[redacted].com can claim it!"
Cloudmark said the copies of games or gift cards are not hosted on Google Play but on a server in China. It said users should be aware and take care as the infected apps do raise some alarms.
Once downloaded the user must disable safeguards, grant permission to install and give it the ability to browse the web or send texts messages before it will run.
"You have to grant permission to the app to do all sorts of things that no Angry Bird [player] should ever need to do, like surfing the web and sending SMS messages, but not many people read the fine print when installing Android applications," the company warned.
Cloudmark said it would continue to monitor the scam and provide updates on its blog.
Updating your subscription status