Date: 2022-07-05

Last Thursday (the 30th), Microsoft warned users of devices running older versions of Android that evolving malicious software may be stealing their money. According to the Microsoft 365 Defender team, billing fraud malware is affecting a number of consumers using older versions of the operating system.

According to Microsoft researchers, this malware is one of the most dangerous types evolving today. It uses a mechanism called Wireless Application Protocol (WAP) to attack users and make improper charges. The same feature is also used by legitimate apps to make actual charges on smartphones.

When infecting an Android smartphone, the malware will subscribe the device to premium services without the user’s knowledge and will even fill in all the necessary fields to complete a subscription process. After completing the first step, criminals can hide SMS notifications about the charge and thus keep the information hidden from the user.

Microsoft suggests users never install apps from untrusted sources.

How does the malware work?

According to Microsoft, the billing fraud malware is designed to evade detection and hides behind apps that look legitimate but ask for more permissions than they need, for example a photo editing app that asks for SMS permission.

“It also, by default, uses cellular connection for its activities and forces devices to connect to the mobile network even if a Wi-Fi connection is available. Once the connection to a target network is confirmed, it stealthily initiates a fraudulent signature and confirms it without the user’s consent, in some cases even intercepting the one-time password (OTP) to do so,” Microsoft posted on its blog.

The researchers say that the main targets of this malware are devices running Android 9 and earlier versions; smartphones running Android 10 or higher are safer with regard to this problem.
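
The permission mismatch described above (a photo editing app that asks for SMS access) can be checked from an app's decoded AndroidManifest.xml. The following Python check is an added example, not Microsoft's code or part of the original article; the capability mapping, the risk labels and the sample manifest are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
P = "android.permission."

# Behaviours from the article mapped to real Android permissions.
# The mapping and the risk levels are this example's assumptions.
CAPABILITIES = {
    "sms_access": {P + "READ_SMS", P + "RECEIVE_SMS", P + "SEND_SMS"},
    "force_cellular": {P + "CHANGE_WIFI_STATE", P + "CHANGE_NETWORK_STATE"},
    "hide_notifications": {P + "BIND_NOTIFICATION_LISTENER_SERVICE"},
}

def declared_permissions(manifest_xml):
    """Collect requested permissions plus permissions bound to services."""
    root = ET.fromstring(manifest_xml)
    perms = {e.get(ANDROID_NS + "name") for e in root.iter("uses-permission")}
    perms |= {e.get(ANDROID_NS + "permission") for e in root.iter("service")}
    perms.discard(None)
    return perms

def audit(manifest_xml, sms_is_core_feature=False):
    """Return (risk, capabilities) for a decoded AndroidManifest.xml."""
    perms = declared_permissions(manifest_xml)
    caps = {name: sorted(perms & wanted)
            for name, wanted in CAPABILITIES.items() if perms & wanted}
    if "sms_access" not in caps or sms_is_core_feature:
        return "low", caps
    # SMS access in a non-messaging app is the mismatch the article describes;
    # the ability to switch networks or hide alerts raises it further.
    risk = "high" if len(caps) > 1 else "review"
    return risk, caps

# Constructed sample: a "photo editor" manifest, not taken from a real app.
PHOTO_EDITOR = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.photoeditor">
  <uses-permission android:name="android.permission.CAMERA"/>
  <uses-permission android:name="android.permission.RECEIVE_SMS"/>
  <uses-permission android:name="android.permission.CHANGE_WIFI_STATE"/>
  <application>
    <service android:name=".Listener"
        android:permission="android.permission.BIND_NOTIFICATION_LISTENER_SERVICE"/>
  </application>
</manifest>"""

if __name__ == "__main__":
    print(audit(PHOTO_EDITOR))
```

Pass `sms_is_core_feature=True` for apps whose stated purpose is messaging, so that their SMS permissions are not flagged.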