Ever find yourself suddenly getting charged by a subscription you did not opt for? If so, you could probably be a victim of a more recent rendition of the toll fraud malware.

Via an official announcement, Microsoft went into full detail about what happens with the said malware, which, in basic terms, involves malware exploiting the system’s weakness and putting the victim at financial risk by making a paid subscription on their behalf, but without the authorization.

Per the report, it appears that the malicious software takes advantage of the wireless application protocol (WAP), which is often used by cellular networks. Wi-Fi users may technically be secure from the exploit considering that the malware is designed to operate via the phone’s network provider.

Toll-fraud-malware-Android

But this still presents a lingering problem to the unwitting victim—primarily, whenever the device is forced to connect to the network via the phone’s service provider will the scheme will enact.

Compounding the cunningness of the malicious program is also its ability to intercept OTP and even hide the notification from the user, thus nullifying any suspicion that the device in use is compromised.



Leave a comment

Your email address will not be published. Required fields are marked *