MouaBad Android malware earns money by making phone calls

Graham Cluley

Money-making Android malwareIf you’re old enough to remember the days before broadband, you may well recall the problem of Dialer trojan horses. Having infected your PC, they would commandeer your modem and make phone calls to expensive premium rate numbers – earning criminals money in the process.

With the advent of broadband, and modems being consigned to the dustbin, some people probably thought they had seen the last of the premium rate dialer threat.

How wrong they were.

Security researchers at Lookout have reported on a newly discovered piece of malware, that attempts to make money by making phone calls from your infected Android smartphone without requiring any user interaction.

Of course, it’s not unknown for Android malware to send SMS messages in their attempt to commit premium-rate fraud, but making phone calls takes things to a new level.

Before you panic, however, there are some caveats.

Firstly, Lookout reports that the malware (which they call MouaBad.p) only works on Android versions older than 3.1. So owners of more modern devices, or those who have been able to keep their mobile operating system updated, shouldn’t be at risk.

Secondly, the malware appears to make no attempt to hide its surreptitious calls from the call history – making it easy for users to spot.

And thirdly, the threat does not appear to be widespread and appears to be Chinese-specific. Of course, there’s nothing to stop cybercriminals in other parts of the world attempting similar premium rate fraud with their own Android malware.

Lookout also warns that MouaBad’s functionality could be used with other malicious intentions:

In theory, this dialing functionality could also be used for other malicious purposes such as remotely spying on conversations within the vicinity of a device microphone, or simply running up a victim’s wireless bill.

My advice is that everyone who owns an Android device should seriously consider running an anti-virus, and take care about where they download their Android apps from. In all likelihood, Mouabad has been distributed by its creators via rogue applications, perhaps shared via unofficial app stores.

Learn more about the MouaBad malware by reading Lookout’s blog post.

Graham Cluley Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.

One Reply to “MouaBad Android malware earns money by making phone calls”

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.




Stay informed!

Join thousands of others by signing-up for the free “GCHQ” newsletter, containing the latest news and tips from security expert Graham Cluley.

Name:

Email:

Yes, I would like to subscribe to email updates from Graham Cluley. I know it’s easy to unsubscribe if I ever change my mind.