Google Pulls 22 SMS Fraud Apps Off Android Market

Google has had to remove from the Android Market 22 so-called  RuFraud malware applications which send automated messages to premium rate lines.

The apps are the latest pieces of malicious software to be uploaded to the Android Market and come at a time when security experts are warning that malware developers are increasingly turning their attention to Google’s mobile operating system.

Don’t download Twilight

According to mobile security firm Lookout, a batch of apps was uploaded to the market last week, disguised as horoscope apps which had hidden terms of service agreements indicating charges.

The apps  presented users with a single option to continue, which was seen as an acceptance of the premium charge. Lookout has called the apps “RuFraud” for “Russian Fraud” because they are often found on Russian download sites.

Lookout said that there had been numerous instances of premium SMS toll fraud apps in the last few months which affected users in a number of European countries, including the UK, but not North America, as the SMS code is generated by the users SIM card.

The firm notified Google of nine identical apps which posed as wallpaper apps for movies such as Twilight and popular games Angry Birds and Cut the Rope. These were downloaded by just a handful of users and the threat was supposedly minimal.

However 13 more apps, published under the name Logastrod, found their way onto the Market, again masquerading as games. These trojanised copies of free games added code to send SMS messages to premium rate numbers.

Google responded swiftly but was not fast enough to stop over 10,000 users downloading the malicious software.

Security Fears

“We have already stated several times that the requirements for becoming an Android developer that can publish apps to the Android market are far too relaxed. The cost of becoming a developer and being banned by Google is much lower than the money that can be earned by publishing malicious apps,” commented Vanja Svajcer, principal virus researcher at Sophos. “The attacks on Android Market will continue as long as the developer requirements stay too relaxed.”

Over 10 billion apps have been downloaded from the Android market, which boasts a catalogue over 200,000 applications, however the security of the store has been a concern for many, with infected apps often being uploaded.

In March, Google removed over 50 malicious apps, making use of the remote kill feature which removes apps from infected devices, while in June it had to remove another 10 spyware applications.

Steve McCaskill

Steve McCaskill is editor of TechWeekEurope and ChannelBiz. He joined as a reporter in 2011 and covers all areas of IT, with a particular interest in telecommunications, mobile and networking, along with sports technology.

Recent Posts

UK’s CMA Readies Cloud Sector “Behavioural” Remedies – Report

Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector

15 hours ago

Former Policy Boss At X Nick Pickles, Joins Sam Altman Venture

Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…

17 hours ago

Bitcoin Rises Above $96,000 Amid Trump Optimism

Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…

18 hours ago

FTX Co-Founder Gary Wang Spared Prison

Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…

19 hours ago