Two men have been arrested on suspicion of developing mobile malware that ended up on more than 2000 Android devices.
According to a report by French website linformaticien.com, the two unnamed men were arrested in Bobigny and only identified as a "brain" and a "technician"; they are accused of conning users out of an average of €20 to €30. French authorities estimate that the total scam amounted to €100,000 ($A147,708).
The malware used in this instance was the Foncy Trojan, which spreads via file-hosting website ‘SuiConFo.apk' and, after installation, appears on the main menu of Android smartphones and sends four SMS messages to premium-rate numbers.
According to a blog by Kaspersky Lab mobile malware expert Denis Maslennikov, after defining the country, number and text, the four SMS messages are sent with the help of the sendTextMessage method.
“The Trojan will send an SMS message to a French cell-phone number with the text taken from a reply from a premium-rate number. This may help the cyber criminals find out how many premium SMS messages have been sent,” he said.
The report by linformaticien.com claimed that a judicial inquiry has been opened by the prosecutor of Bobigny, with charges for organised fraud and possession of malware.
Graham Cluley, senior technology consultant at Sophos, said: “More recently, Foncy has also appeared in the form of a fake EA Sports game, exploiting a vulnerability to root the phone, sending SMS messages and silently joining an IRC channel to receive further commands from remote hackers.
“According to the French authorities, the two men alleged to be behind the malware earned up to €100,000 from the scheme. Is it any wonder we are seeing an increase in Android malware activity, if the bad guys are making money out of it?”
This article originally appeared at scmagazineuk.com
Copyright © SC Magazine, UK edition
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED GOES EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @itnews.com.au to your white-listed senders.