New WAPDropper malware abuses Android devices for WAP fraud


Level 76
Content Creator
Malware Hunter
Aug 17, 2014
Security researchers have detected a new strain of Android malware being currently distributed in the wild, primarily targeting users located in Southeast Asia.

Discovered by security firm Check Point, this new malware is named WAPDropper and is currently spread via malicious apps hosted on third-party app stores.

Check Point said that once the malware infects a user, it starts signing them up for premium phone numbers that charge large fees for various types of services.
The end result is that all infected users would receive large phone bills each month until they unsubscribed from the premium number or reported the issue to their mobile provider. Check Point says that based on the premium phone numbers used in this scheme, the malware authors are most likely based or collaborating with someone in Thailand or Malaysia.

"In this and similar schemes, the hackers and the owners of the premium rate numbers are either co-operating or could even be the same group of people," the company said today in a report. "It's simply a numbers game: the more calls made using the premium-rate services, the more revenue is generated for those behind the services. Everybody wins, except the unfortunate victims of the scam."