Huge subscription fraud campaign hits over 100 million Android users
Scammers made away with "hundreds of millions"
A widespread Android subscription fraud campaign has been discovered actively stealing from users money.
Uncovered by cybersecurity researchers from Zimperium zLabs, the “Dark Herring” campaign consists of some 470 apps, all found in the official Google Play Store.
The apps, most of which fall in the entertainment category, have all offered “premium” services for registered users. Those that would register an account, would be billed up to $15, through Direct Carrier Billing (DCB).
No malware present
DCB is a mobile payment method, allowing consumers to pay for things they buy online, via the bill for their phone plan. This means users that installed these apps would not know they’d been charged for anything, until the phone bill arrives in the mail.
Furthermore, as these apps can still be used, and many people don’t check the details of their phone bills, in some instances, the charging went on for months, the researchers hint.
As these apps don’t necessarily carry malware with them, the fraud was relatively difficult to detect. In some cases, it was said, the victims took months before noticing that they had been fraudulently charged on their account.
In total, these apps were downloaded on 105 million devices, located in 70 countries around the world. All of this, researchers say, make Dark Herring the longest-running mobile SMS scam discovered.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Here are some of the apps used in the campaign:
- Smashex
- Upgradem
- Stream HD
- Vidly Vibe
- Cast It
- My Translator Pro
- New Mobile Games
- StreamCast Pro
- Ultra Stream
- Photograph Labs Pro
Researchers from Zimperium believe the operators made away with “hundreds of millions” of dollars, so far.
While Google has since removed all of the apps from the Play Store (the full list can be found here) many can still be downloaded from third-party repositories online.
- You might also want to check out our list of the best ID theft protection right now
Via: BleepingComputer
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.