Market for Android applications and games is developing significantly. Beside official source Google Play, users have other different choices including downloading apps shared on websites or relying on external app stores. According to research by Bkav, these sources always contain potential risks to users. Especially, attaching code in apps to activate SMS to high-fee numbers is getting popular, more than ever.
These malicious applications access users via spam messages or Google search results.
Google results for Pikachu game
To siphon money from users, these malwares use 2 methods: automatically and silently send messages to high-fee service numbers (recently analyzed by my colleague), or require registration to use without clearly stating that SMS to charged numbers will be sent.
Register to use the app
With notifications like this, most users will choose ‘Agree’ without knowing that their accounts will be charged an amount of money because the app has automatically sent a message to high-fee service number.
Obviously, users can easily become victims if not be careful when installing applications for their mobile. Therefore, users had better download apps from secured sources, Google Play for example, as well as equip powerful security software to protect their devices.
Dang Van Long