New CallJam Malware Contaminating Google Play Store Extracts Money from Android Users

Google has been consistently ensuring that every application inside its Play Store, a main cache and application market to provide all Android users, is free from any malicious content which could potentially prove harmful for end-users.

However, because a massive number of applications get submitted into Google Play Store, there are instances when malware does make way into it. The latest malware -CallJam churns revenue for the hacker via making the infected device dial high-profile numbers.

More particularly the malware disguises as a game whose name is "Gems-Chest-for-Clash-Royale." Plenty of users, about 500,000 have taken down the malware-tainted application from the time somebody during May 2016 first loaded it to be listed in Google's Play Store.

There are different methods by which CallJam makes money by extracting from Android users' treasury.

One, the malicious program diverts the infected users onto malware-tainted websites which exhibit fake ads whose subscriptions land up with CallJam's operators. Two, by acquiring admin rights via requesting the user to provide them, it connects with the CnC server controlling it so some games can be played. Grahamcluley.com posted this, September 10, 2016.

Actually, for users who don't read the matter in the application permissions before granting them, the problem arises. This is how it happens. The server of the hacker following the granting of the permission issues an instruction to CallJam for calling certain high-profile number as well as directs the length of time it should last. When the call is made, money gets generated and it goes to the attacker.

CallJam is unique because it has been given a four-star ranking among applications on Play Store. This means CallJam prompts the end-users for giving a rank to the application they would use, hinting certain in-game reward they would get on doing so.

To conclude therefore Android users must go through the reviews prior to downloading an application while also look for other users' comments that possibly hints alarm. This is necessary to know the exact permissions the different applications should ask for. Incase they aren't the actual ones or exceed the limit then those applications should not be downloaded.

» SPAMfighter News - 9/16/2016