SMSFactory Android malware sneakily subscribes to premium services

Gandalf_The_Grey

Gandalf_The_Grey

Level 71
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
5,957
Content source
https://www.bleepingcomputer.com/news/security/smsfactory-android-malware-sneakily-subscribes-to-premium-services/
Security researchers are warning of an Android malware named SMSFactory that adds unwanted costs to the phone bill by subscribing victims to premium services.

The number of its victims is unclear but attempts to infect Android devices have been recorded for tens of thousands of Android users protected by Avast security products in at least eight countries.

SMSFactory has multiple distribution channels that include malvertising, push notifications, promotional pop-ups on sites, videos promising game hacks or adult content access.

According to Avast, SMSFactory targeted more than 165,000 of its Android customers between May 2021 to May 2022, most of them located in Russia, Brazil, Argentina, Turkey, and Ukraine.

While SMSFactory’s main goal is to send premium text and make calls to premium phone numbers, Avast researchers noticed a malware variant that can also steal the contact list on compromised devices, likely to be used as another distribution method for the threat.

Jakub Vávra of Avast notes that SMSFactory is hosted on unofficial app stores. ESET researchers found the malicious APK package on APKMods and PaidAPKFree, two Android app repositories that lack vetting and proper security policies for the listed products.
Click to expand...
How to stay safe

To avoid larger bills, users are recommended to download apps only from trusted sources, such as Google Play. They should keep at a minimum the number of applications they're using and read reviews from other users before installing anything.

Additionally, keep your operating system updated to the latest available version for your device and run regular scans via Play Protect.

For malware that subscribes to premium services, some carriers offer the option to disable or limit this action.
Click to expand...
 
  • Like
Reactions: harlan4096, Correlate and upnorth
upnorth

upnorth

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Jul 27, 2015
5,550
Disable or limit premium SMS with your carrier. While there are legitimate uses for premium SMS, recent SMS malware campaigns highlight the importance of control over potential charges on a user’s phone contract. Disabling premium SMS features or at least setting a limit significantly negates the potential impact of TrojanSMS campaigns. This step is especially important on children’s phones.
Click to expand...
 
  • Like
Reactions: harlan4096, Correlate and Gandalf_The_Grey
You must log in or register to reply here.

Similar threads

Gandalf_The_Grey
    • Like
    • +Reputation
Android Toll fraud malware disables your WiFi to force premium subscriptions
Replies
0
Views
457
News Archive
Gandalf_The_Grey
Gandalf_The_Grey
Gandalf_The_Grey
    • Wow
    • Like
New Android malware apps installed 10 million times from Google Play
Replies
0
Views
546
News Archive
Gandalf_The_Grey
Gandalf_The_Grey
silversurfer
    • Wow
    • Like
Google will cripple Android VPN services that threaten to break advertisements
Replies
10
Views
604
News Archive
codswollip
codswollip

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top