New Malware Steals Money of Users through Mobile Phones

Xafecopy Trojan is a malware software affecting mobile phones with android operating system and it has the capacity to steal money through phones without making users to know about it. Kaspersky Lab, a Russian Multinational cyber security and anti-virus provider started by Eugene Kaspersky in 19197, lately identified the in-depth data of this malware. Maximum affected users are from India.

Kaspersky Lab has classified that the malware has attacked at least 4,800 users of 47 countries within just one-month out of which more than 37.5 per cent victims are from India. Russia, Mexico and Turkey are the three most affected countries after India. As per identifications, the malware is using WAP (Wireless Application Protocol) payment billing method to steal money. Researchers of Kaspersky Lab have discovered an unusual growth in mobile Trojan clickers which are stealing money from Android users through Wireless Application Protocol (WAP) billing.

Xafecopy Trojan has been disguised as valuable apps, such as BatteryMaster, and also operates normally. Later on, the malware mutely subscribes the phone to several services. Once the application gets activated, the Xafecopy malware then clicks on the web pages having WAP billing - one kind of mobile payment which charges the costs directly to mobile phone bill of user. Telecom.economictimes.indiatimes.com posted on September 10th, 2017, quoting a report as saying that later on the malware mutely subscribes phone to several services.

Moreover, the process doesn't ask the users to register their credit or debit card, or ask to set up the username along with password. Malware uses the technology for bypassing 'captcha' systems, which is designed for safeguarding users by approving that that the action is performed by human. In captcha system, the websites display set of few numbers or letter that is required to be filled manually by user.

Altaf Halde, Managing Director of Kaspersky Lab, South Asia, said that users of Android required being extremely careful while downloading apps. It is best not to trust third-party apps and whatever apps users do download should be scanned locally with Verify Apps utility. But beyond that, Android users should run a mobile security suite on their devices.

» SPAMfighter News - 9/18/2017