A new malware named Xafecopy Trojan has been discovered in India which steals money through victim’s mobile phones, informed by cyber security Kaspersky. Around 40 percent of the target of the malware has been detected in India.
According to the report, “Kaspersky Lab experts have uncovered a mobile malware targeting the WAP billing payment method, stealing money from victims’ mobile accounts without their knowledge”. Xafecopy Trojan is hidden as useful apps like BatteryMaster and operates normally.
How do the Xafecopy Malware works?
The Trojan secretly loads malicious code onto the device. Once the app is activated, the Xafecopy malware clicks on the web pages with Wireless Application Protocol (WAP) billing a form of mobile payment that charges costs directly to the user’s mo bile phone bill. After this, the malware silently subscribes the phone to a number of services. The entire process does not need the user to register a debit or credit card or set up a username and password.
The malware uses technology to bypass ‘captcha’ systems designed to protect users by confirming the action is being human performance. In the captcha system, websites show a set of some letter or numbers which are required to be manually filled by the user.
The report also informs “Xafecopy hit more than 4,800 users in 47 countries within the space of a month, with 37.5 per cent of the attacks detected and blocked by Kaspersky Lab products targeting India, followed by Russia, Turkey, and Mexico”.
The experts at Kaspersky Lab have found traces that display that Cyber Criminals gang spreading other Trojans are sharing malware code among themselves. Kaspersky Senior Roman Unuchek, Marware Analyst said “Our research suggests WAP billing attacks are on the rise. Xafecopy’s attacks targeted countries where this payment method is popular. The malware has also been detected with different modifications, such as the ability to text messages from a mobile device to premium-rate phone numbers, and to delete incoming text messages to hide alerts from mobile network operators about stolen money”.
Managing Director of Kaspersky Lab South Asia, Altaf Halde said that Android users need to be extremely cautious in how they download apps.
“It is best not to trust third-party apps, and whatever apps users do download should be scanned locally with the Verify Apps utility. But beyond that, Android users should be running a mobile security suite on their devices.