Attackers have laced applications for Windows Mobile devices with malware that could cost users serious money in unauthorised charges.
The offending apps are “3D Anti-Terrorist,” “PDA Poker Art” and a Codec pack for Windows Mobile 1.0, and were available on several sites providing legitimate mobile software, according to Kevin Mahaffey, CTO of mobile security company Lookout. The company is currently trying to contact sharewareplaza.com, which is the only remaining site researchers found still offering the infected games, he said.
This is not the first mention of “3D Anti-Terrorist” in connection with malware. Researchers at Symantec reported in April that attackers had bundled a malicious dialer dubbed the Terred Trojan with the game.
“When a device becomes infected, the malware stays dormant for approximately three days, then wakes up and dials between four and six premium-rate international numbers, depending on which version of the malware was installed on the device,” Mahaffey explained. “After the first round of dialing, the malware stays dormant for one month, then dials the same numbers again, repeating the process every month afterward.”
The scheme could potentially ring up large amounts of unauthorised charges if unchecked.
“By waiting several days before waking up, the malware [makes it so that the problem] isn’t apparent to a user—if your phone starts making strange-looking calls immediately after installing a game, you’d know exactly why,” Mahaffey said. “Because the game is functional, a user is also unlikely to uninstall it. The only evidence of malicious behavior is strange international numbers on a user’s phone bill or in their call history. Reports of $10 and $20 monthly charges resulting from this malware have surfaced on developer forums. More sophisticated malware could hide its tracks by removing entries from the call history.”
The original “3D Anti-Terrorist” game was developed by Huike, a Chinese company, and there is evidence that the game was repackaged with malware in Russia, which is the home of most of the world’s auto-dialer malware, Mahaffey said.
“People who had previously downloaded the ‘3D Anti-Terrorist’ game, Codec Audio pack or ‘PDA Poker Art’ game should do a thorough check of their call history and phone bill for any unfamiliar or international phone numbers,” he said. “They should also download an antivirus software [application] that has been updated to fix this malware … Users should also make a habit of using antivirus software on their phone if they download applications regularly.”
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…