A malware known as Xafecopy Trojan has been detected in India, which is stealing money through its victim’s smartphone. According to Kaspersky, a cyber security firm, around 4,800 users in 47 countries are reported to bit hit by this malware, and 40 percent attacks are targeted in India, followed by Russia, Turkey and Mexico.
“Kaspersky Lab experts have uncovered a mobile malware targeting the WAP billing payment method, stealing money through victim’s mobile accounts without their knowledge,” the report said.
The Xafecopy Trojan gives a different appearance as useful apps like BatteryMaster and carries out normal operations, but secretly loads malicious code into the device.When the malware gets active, Xafecopy access the web pages with Wireless Application Protocol (WAP) billing — it is a form of payment that charges costs directly in the mobile phone bill. The malware then silently subscribes the phone to a number of services. Further, the process does not require registration of debit or credit card or setting up a username and password, the report said.
“Our research suggests WAP billing attacks are on the rise. Xafecopy’s attacks targeted countries where this payment method is popular. The malware has also been detected with different modifications, such as the ability to text messages from a mobile device to premium-rate phone numbers, and to delete incoming text messages to hide alerts from mobile network operators about stolen money,” Kaspersky Lab senior malware analyst Roman Unuchek said.
Kaspersky Lab, Managing Director-South Asia, Altaf Halde said that Android users need to be extremely cautious before downloading apps from Play Store. “It is best not to trust third-party apps, and whatever apps users do download should be scanned locally with the Verify Apps utility. But beyond that, Android users should be running a mobile security suite on their devices,” Halde advised.