Android Malware Spotted Subscribing Victims to Paid Services Without Consent

Cybersecurity researchers expose a 10-month global Android malware campaign using fake apps to secretly charge users through premium SMS bills...

EUVD-2016-4901

Malware in sbrugna...

EUVD-2016-4896

Malware in sbrugna...

EUVD-2017-9757

Malware in sbrugna...

Millions of Android devices abused by UltimaSMS Adware Scam

By Waqas The UltimaSMS Adware scam is abusing Android apps to subscribe users to premium SMS services that charge up to $40/month depending on their mobile carrier and geographic location. This is a post from HackRead.com Read the original post: Millions of Android devices abused by UltimaSMS...

Millions of Android Users Scammed in SMS Fraud Driven by Tik-Tok Ads

Threat actors are using malicious Android apps to scam users into signing up for a bogus premium SMS subscription service, which results in big charges accruing on their phone bills. Jakub Vavra from the threat operations team of security firm Avast uncovered the campaign, which he dubbed UltimaS...

Android Trojan GriftHorse, the gift horse you definitely should look in the mouth

Researchers at Zimperium have discovered an aggressive mobile premium services campaign with over 10 million victims all over the world. The stolen amount could amass hundreds of millions of Euros. The scam was hidden behind malicious Android apps, and the researchers have named the Trojan...

GriftHorse Money-Stealing Trojan Takes 10M Android Users for a Ride

More than 10 million Android users have been saddled with a malware called GriftHorse that’s trojanizing various applications and secretly subscribing victims to premium mobile services – a type of billing fraud that researchers categorize as “fleeceware.” Zimperium uncovered more than 130...

Beware! This Android Trojan Stole Millions of Dollars from Over 10 Million Users

A newly discovered "aggressive" mobile campaign has infected north of 10 million users from over 70 countries via seemingly innocuous Android apps that subscribe the individuals to premium services costing €36 $42 per month without their knowledge. Zimperium zLabs dubbed the malicious trojan...

CVE-2017-18666

An issue was discovered on Samsung mobile devices with KK4.4, L5.0/5.1, M6.0, and N7.x software. Applications can send arbitrary premium SMS messages. The Samsung ID is SVE-2017-8701 June 2017...

Code injection

An issue was discovered on Samsung mobile devices with KK4.4, L5.0/5.1, M6.0, and N7.x software. Applications can send arbitrary premium SMS messages. The Samsung ID is SVE-2017-8701 June 2017...

CVE-2017-18666

CVE-2017-18666 affects Samsung mobile devices running Android versions from KK (4.4) through N (7.x). The issue allows applications to send arbitrary premium SMS messages due to a vulnerability in the device software (Samsung ID SVE-2017-8701). Impact is that apps could incur charges by sending p...

CVE-2017-18666

An issue was discovered on Samsung mobile devices with KK4.4, L5.0/5.1, M6.0, and N7.x software. Applications can send arbitrary premium SMS messages. The Samsung ID is SVE-2017-8701 June 2017...

Kotlin-based malicious apps penetrate Google market

An open-source programming language, Kotlin is a fully-supported official programming language for Android. Google boasts that Kotlin contains safety features in order to make apps "healthy by default." Many apps are already built with Kotlin, from the hottest startups to Fortune 500 companies...

First Android Malware Found Exploiting Dirty COW Linux Flaw to Gain Root Privileges

Nearly a year after the disclosure of the Dirty COW vulnerability that affected the Linux kernel, cybercriminals have started exploiting the vulnerability against Android users, researchers have warned. Publicly disclosed last year in October, Dirty COW was present in a section of the Linux...

Yet Another Android Malware Infects Over 4.2 Million Google Play Store Users

Even after so many efforts by Google, malicious apps somehow managed to fool its Play Store's anti-malware protections and infect people with malicious software. The same happened once again when at least 50 apps managed to make its way onto Google Play Store and were successfully downloaded as...

Google Removes Two Ztorg Trojans from Play Marketplace

Google, for the second time this month, has removed malicious apps from Google Play that could have laid the groundwork for an attacker to root infected devices. A researcher with Kaspersky Lab on Tuesday described how attackers managed to evade settings set in place by Google Play’s VerifyApps...

CVE-2016-3888

internal/telephony/SMSDispatcher.java in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 allows physically proximate attackers to bypass the Factory Reset Protection protection mechanism, and send premium SMS messages during the...

CVE-2016-3888

internal/telephony/SMSDispatcher.java in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 allows physically proximate attackers to bypass the Factory Reset Protection protection mechanism, and send premium SMS messages during the...

CVE-2016-3883

internal/telephony/SMSDispatcher.java in Telephony in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 does not properly construct warnings about premium SMS messages, which allows attackers to spoof the premium-payment confirmatio...