While Google and Apple are working tirelessly to ensure that Play and App Store is harmless, protected and unarguably the number one sources for downloading apps, few dangerous softwares, many times, still find their way inside the platform.
McAfee security company discloses that a familiar cybercriminal gang called AsiaHitGroup have struck again, using a modified piece of dangerous software that has been recycled years back on the Google Play Store.
This software is known as Sonvpay.C, and it penetrates the Play Store through variant of unsuspected apps, like ringtone creators, QR code scanners, flashlights and the likes. And it's a tricky one to prevent, even if you are a very intelligent users.
Once any of these infested app is installed on your device, it will bring out an "update" notification. However, that's not an update, but a repackaged subscription button that when clicked, will immediately sign the user up for an unfamiliar paid service. This version of Sonvpay does not support SmS messages unlike the older version. Rather, it uses WAP billing–an over-the-air data message to a website–, meaning it will not be noticed in the user's message history.
The information reaching us from MacAfee disclosed that the dubious apps have been used in Malaysia and Kazakhstan, but if the app notice that the smartphones is not in any of these places, it'll still dispatch an SMS messages to a premium service.
According to report, the apps have been on the internet since the beginning of this year and MacAfee estimated that AsiatHitGroup have defrauded innocent people between $60,500 - $145000.
McAfee security company discloses that a familiar cybercriminal gang called AsiaHitGroup have struck again, using a modified piece of dangerous software that has been recycled years back on the Google Play Store.
This software is known as Sonvpay.C, and it penetrates the Play Store through variant of unsuspected apps, like ringtone creators, QR code scanners, flashlights and the likes. And it's a tricky one to prevent, even if you are a very intelligent users.
Once any of these infested app is installed on your device, it will bring out an "update" notification. However, that's not an update, but a repackaged subscription button that when clicked, will immediately sign the user up for an unfamiliar paid service. This version of Sonvpay does not support SmS messages unlike the older version. Rather, it uses WAP billing–an over-the-air data message to a website–, meaning it will not be noticed in the user's message history.
The information reaching us from MacAfee disclosed that the dubious apps have been used in Malaysia and Kazakhstan, but if the app notice that the smartphones is not in any of these places, it'll still dispatch an SMS messages to a premium service.
According to report, the apps have been on the internet since the beginning of this year and MacAfee estimated that AsiatHitGroup have defrauded innocent people between $60,500 - $145000.