How to make money with mobile malware

by Graham Cluley on September 30, 2010 | Leave a comment

Filed Under: Malware, Mobile

Old phone
Remember the old days of dialler Trojan horses?

Back when most of us didn't have broadband at home, and connected to the internet via a modem, we saw a type of malware which could take advantage of the phone line plugged into the back of your PC and dial an expensive premium rate number.

In this way, criminal hackers could make money out of your infected computer - and you might know anything about it until you received an expensive telephone bill.

Dialler Trojan horses went the way of the dinosaur as consumers turned their back on modem connections and adopted broadband en masse.

But, as F-Secure's Mikko Hypponen explained today at the Virus Bulletin conference, the threat may have returned in a different form through the use of virtual premium rate numbers.

3d anti-terrorist action
Earlier this year I described the Terdial Trojan horse, which was distributed posing as a Windows mobile game called "3D Anti-terrorist action", but appeared to make calls to Antarctica, Dominican Republic, Somalia and Sao Tome and Principe without the owner's permission.

So how did it make money for the hackers?

Well, it transpires that although the Trojan did make phone calls to numbers associated with various far-flung corners of the world, the calls never made it that far.

That's because the phone numbers were what are known as virtual numbers. It's perfectly possible to find telephone operators on the web who will rent you premium phone number associated with, say, Antarctica, and pay you every time that a call is made.

Unlike other legitimate premium rate numbers (such as 1-900 in USA), there is no regulation preventing abuse of the virtual numbers, and the 'owner' of the number gets paid instantly rather than having to wait 30 days.

And your call never actually gets as far as Antarctica or North Korea. It's stopped in your own country, but you're still billed as though you rang that far away place.

The days of Trojan horses making money out of dial-up modem connections may be long gone, but here's a model for money-making that mobile malware authors could certainly exploit.

Tags: , , , ,

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title="" rel=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <pre> <q cite=""> <strike> <strong>

About the author

Graham Cluley has worked in the computer security industry for more than 20 years, developing anti-virus software and doing quite a lot of talking about internet threats. He's won awards for his blogging, but is proudest of the text adventure games he wrote when he was still wearing short trousers. You can learn more about those (the games, not the trousers) at grahamcluley.com. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.