Leave a comment

Malware in popular app racks up your phone bill

Malware in popular app racks up your phone bill
Twin Design / Shutterstock.com

Apps are a dime a dozen these days. With more than 2.2 million apps in Apple iTunes, 2 million in Google Play and over 660,000 Windows apps available, there's never a shortage of apps to choose from. But how do you know if the apps you download are safe?

Before an app can be offered on iTunes, app developers must submit their apps to be reviewed by Apple. The process is extensive and the apps are tested for reliability, performance and offensive materials. You might think that this process would take months to complete, but it actually only takes a few days.

Google Play has a similar process for reviewing apps available for Android users. Developers are asked to create an account and pay a small fee. Then, they're able to submit their apps for review and approval. Apps are then prescanned by machines to check for viruses and inappropriate content; however, it seems that some malicious apps are still slipping through.

Although the majority of apps on Google Play are perfectly safe, this year alone there have already been numerous reports of apps discovered with malware. In fact, just last week we warned you about 40 official Google Play apps that were carrying the DressCode malware. Click here to see which apps are vulnerable.

Now, another virus named CallJam has been discovered in a Google Play app called "Gems Chest for Clash Royale." The game first appeared in the Google Play store back in May and has been downloaded somewhere between 100,000 and 500,000 times.

Once installed, this malware infects your phone or tablet's system and creates a fraudulent premium dialer. This dialer then makes unauthorized phone calls. It also triggers numerous ads that show up on the Android device.

The key here is that the app actually prompts the user to grant permission to make these phone calls. Just like most apps, the terms and conditions are displayed after installing the app and you must accept these conditions before proceeding.

The problem is that most of us don't actually read through those terms and conditions before clicking, "Accept."

Once authorization has been granted, the hacker's server is able to send CallJam special commands to dial premium phone numbers, such as 1-900 numbers. The length of time for these calls can also be determined by the hackers, all at the expense of the victim.

 

If you think that gaining access to your smartphone or tablet won't give hackers much data, think again. Listen to this special podcast about why hackers are so interested in breaking into your handheld device.

Next Story
Brainteaser: There's an owl hiding in these trees - can you spot it?
Previous Happening Now

Brainteaser: There's an owl hiding in these trees - can you spot it?

Everything you need to know about iOS 10 ahead of its launch tomorrow
Next Happening Now

Everything you need to know about iOS 10 ahead of its launch tomorrow

View Comments ()