Users of mobile phones were warned this week against a new family of malware that can defraud victims via premium rate SMS billing, without any action from the user.
Security vendor Lookout said the new malware, dubbed Mouabad, can also give third parties control over infected mobile devices.
"For the first time (as far as Lookout has seen), remote attackers can now make phone calls (possibly to premium-rate numbers) without user intervention. This represents a significant jump in functionality compared to more common premium-rate fraud that relies on SMS functionality," it said.
Lookout said the new variant, dubbed Mouabad.p, is "particularly sneaky and effective" in trying to avoid detection.
It said the new malware waits to make its calls until after the screen turns off and the lock screen activates.
The new malware can also end the calls it is making when it detects a user interacting with the device, such as unlocking it.
But for now, the malware can still be detected via call logs, which it cannot modify.
On the other hand, it lets remote attackers send SMS messages and control settings on premium SMS billing.
But Lookout noted the risk of infection from this new malware is low, at least for now.
Mouabad.p works only on devices running Android versions older than 3.1, it added.
It added its detection volumes of Mouabad.p are low and restricted primarily to Chinese-speaking regions.
"Since premium-rate SMS and telephone calls rely on country specific phone numbers Mouabad.p will not function outside of targeted countries so there is no incentive for the attackers controlling it to allow it to spread outside these regions," it added. — LBG, GMA News
source: gmanetwork.com
