How to make money with mobile malware

Remember the old days of dialler Trojan horses?

Back when most of us didn't have broadband at home, and connected to the internet via a modem, we saw a type of malware which could take advantage of the phone line plugged into the back of your PC and dial an expensive premium rate number.

In this way, criminal hackers could make money out of your infected computer - and you might not know anything about it until you received an expensive telephone bill.

Dialler Trojan horses went the way of the dinosaur as consumers turned their back on modem connections and adopted broadband en masse.

But, as F-Secure's Mikko Hypponen explained today at the Virus Bulletin conference, the threat may have returned in a different form through the use of virtual premium rate numbers.

Earlier this year I described the Terdial Trojan horse, which was distributed posing as a Windows Mobile game called "3D Anti-terrorist action", but appeared to make calls to Antarctica, the Dominican Republic, Somalia and Sao Tome and Principe without the owner's permission.

So how did it make money for the hackers?

Well, it transpires that although the Trojan did make phone calls to numbers associated with various far-flung corners of the world, the calls never made it that far.

That's because the phone numbers were what are known as virtual numbers. It's perfectly possible to find telephone operators on the web who will rent you a premium phone number associated with, say, Antarctica, and pay you every time that a call is made.

Unlike other legitimate premium rate numbers (such as 1-900 in the USA), there is no regulation preventing abuse of the virtual numbers, and the 'owner' of the number gets paid instantly rather than having to wait 30 days.

And your call never actually gets as far as Antarctica or North Korea. It's stopped in your own country, but you're still billed as though you rang that faraway place.

The days of Trojan horses making money out of dial-up modem connections may be long gone, but here's a model for money-making that mobile malware authors could certainly exploit.
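
For anyone watching a fleet of phones for this kind of abuse, here is a small call-log triage sketch. It is an added example, not code from the original post or from F-Secure's research: it flags devices that repeatedly dial the destinations named above. The calling codes are the standard ones for those destinations; the log format, device names and phone numbers are constructed for illustration.

```python
from collections import defaultdict

# Calling codes for the destinations named in the post.
# Assumption: matching on calling code alone. +672 is shared by Australian
# external territories, and the Dominican Republic uses three +1 area codes.
WATCHED_PREFIXES = {
    "+672": "Antarctica",
    "+1809": "Dominican Republic",
    "+1829": "Dominican Republic",
    "+1849": "Dominican Republic",
    "+252": "Somalia",
    "+239": "Sao Tome and Principe",
}

# Constructed sample call log: (device id, number as dialled).
SAMPLE_CALLS = [
    ("phone-A", "+252 61 555 0100"),
    ("phone-A", "00239 555 0101"),
    ("phone-A", "+1 809 555 0102"),
    ("phone-A", "+44 20 7946 0000"),
    ("phone-B", "+1 212 555 0199"),
    ("phone-B", "2525550100"),        # domestic number, no international prefix
    ("phone-C", "+672 1 555 0103"),
]

def match_destination(number):
    """Return the watched destination a dialled number belongs to, or None."""
    digits = "".join(ch for ch in number if ch.isdigit() or ch == "+")
    if digits.startswith("00"):       # 00 is a common international prefix
        digits = "+" + digits[2:]
    if not digits.startswith("+"):    # domestic call: never a match
        return None
    for prefix, destination in WATCHED_PREFIXES.items():
        if digits.startswith(prefix):
            return destination
    return None

def suspicious_devices(calls, min_calls=2):
    """Map device id -> sorted destinations, for devices with at least
    min_calls calls to watched destinations."""
    hits = defaultdict(list)
    for device, number in calls:
        destination = match_destination(number)
        if destination:
            hits[device].append(destination)
    return {d: sorted(set(v)) for d, v in hits.items() if len(v) >= min_calls}

if __name__ == "__main__":
    for device, places in suspicious_devices(SAMPLE_CALLS).items():
        print(device, "->", ", ".join(places))
```

A single call to one of these codes can be perfectly innocent, which is why the default threshold is two; a hit is a reason to look at what is installed on the handset, not proof of infection.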


About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.