Google Removes 17 Android Apps Caught Engaging In WAP Billing Fraud (zdnet.com) 57
Google has recently removed 17 Android applications from the official Play Store because they were infected with the Joker (aka Bread) malware. ZDNet reports: "This spyware is designed to steal SMS messages, contact lists, and device information, along with silently signing up the victim for premium wireless application protocol (WAP) services," Zscaler security researcher Viral Gandhi said this week. The 17 malicious apps were uploaded on the Play Store this month and didn't get a chance to gain a following, having been downloaded more than 120,000 times before being detected.
Following its internal procedures, Google removed the apps from the Play Store, used the Play Protect service to disable the apps on infected devices, but users still need to manually intervene and remove the apps from their devices. But this recent takedown also marks the third such action from Google's security team against a batch of Joker-infected apps over the past few months. [...] The way these infected apps usually manage to sneak their way past Google's defenses and reach the Play Store is through a technique called "droppers," where the victim's device is infected in a multi-stage process. Malware authors begin by cloning the functionality of a legitimate app and uploading it on the Play Store. This app is fully functional, requests access to dangerous permissions, but also doesn't perform any malicious actions when it's first run.
Because the malicious actions are usually delayed by hours or days, Google's security scans don't pick up the malicious code, and Google usually allows the app to be listed on the Play Store. But once on a user's device, the app eventually downloads and "drops" (hence the name droppers, or loaders) other components or apps on the device that contain the Joker malware or other malware strains.
Following its internal procedures, Google removed the apps from the Play Store, used the Play Protect service to disable the apps on infected devices, but users still need to manually intervene and remove the apps from their devices. But this recent takedown also marks the third such action from Google's security team against a batch of Joker-infected apps over the past few months. [...] The way these infected apps usually manage to sneak their way past Google's defenses and reach the Play Store is through a technique called "droppers," where the victim's device is infected in a multi-stage process. Malware authors begin by cloning the functionality of a legitimate app and uploading it on the Play Store. This app is fully functional, requests access to dangerous permissions, but also doesn't perform any malicious actions when it's first run.
Because the malicious actions are usually delayed by hours or days, Google's security scans don't pick up the malicious code, and Google usually allows the app to be listed on the Play Store. But once on a user's device, the app eventually downloads and "drops" (hence the name droppers, or loaders) other components or apps on the device that contain the Joker malware or other malware strains.
I don't care (Score:1)
Seriously, I don't care they removed from the Play Store.
I DO care they can't have a pop-up warning the users that have it installed to remove it NOW.
Also, I DO care they aren't calling the police directly to grab those crooks and throw them in jail.
Removing a thieving app from your store is NOT enough.
Re: (Score:2)
One can't help but wonder if the lack of prosecution(s) is related to the recent "progressive" religious notions to "defund the police" (because all cops are bastards) get rid of the court system and prisons.
Yes. Just one.
Re:I don't care (Score:4, Interesting)
I don't care either.
It's about the 6327th time they removed such criminal apps from their store.
That's the reason I bought an iPhone in the first place.
Re:I don't care (Score:5, Funny)
Why wait to be extorted when you can pay directly up front to Apple?
Re: (Score:2)
That's the reason I bought an iPhone in the first place.
Because you're so easily scammed that you'll literally install anything and give it access to your dialer? I honestly wonder if an iPhone will save you. You may be better off with https://www.grandpad.net/ [grandpad.net]
Re: (Score:2)
The whole point of an "App Store" is that everything is supposed to be curated. There should never be a problem. If every submission isn't carefully checked to make sure there is no malware then your "App Store" is pointless bullshit.
Re: (Score:2)
The point of an App Store, was a single place people can go to download apps, with a single installer. And for the store owner to collect a percentage of the sale.
Re: (Score:2)
And jack that up to 30%.
Re: (Score:2)
Businesses function off of profit. Bad businesses are focused on the short term profit, Good businesses plan for the long term profit. Most Businesses are in the middle.
Google wants to keep its play store profitable. That means for the short term, they want to sell as many apps as it can. In the Long term they want people coming back and using the site over and over again.
If the customer doesn't feel like they can trust it, they will switch to a different platform that they trust more.
A company will not
Re: (Score:3)
Except there is a duopoly, both of which suck (Android/Google, and Apple). There is no competition. So Alphabet/Google doesn't have to give a shit.
Re: (Score:2)
I DO care they can't have a pop-up warning the users that have it installed to remove it NOW.
Why can't they? Isn't that what Play Protect is for?
Re: (Score:3)
I DO care they can't have a pop-up warning the users that have it installed to remove it NOW.
They do. Do you have Play Protect enabled? It will notify you when known-malicious apps are on your device (including if they were on your device before they were identified as malicious). In cases of really dangerous apps Google instructs Play Protect to remove the app first, then tell you it did. This is really rare, though, reserved for egregiously bad apps. I don't think it's been used more than a handful of times.
Re: (Score:1)
I do have Play Protect enabled, but so far the only thing it has ever done is to check "on installation". After that, never hear of it ever again... ...which might mean I do not install crapware at all... who knows!
Re: (Score:2)
I do have Play Protect enabled, but so far the only thing it has ever done is to check "on installation". After that, never hear of it ever again... ...which might mean I do not install crapware at all... who knows!
Yep, it means you don't install crapware. Most people don't, actually. In spite of the regularity with which we hear about these bad apps getting into the Play Store, the percentage of users who install any of them is miniscule. According to the 2018 Annual Android Security Report [android.com] (I'm not sure why the 2019 report isn't out), only 0.08% of Android devices that only install from the Play store have potentially-harmful apps (PHA) on them. That statistic has to be tracked retroactively, of course, because *kno
Re: (Score:2)
Wait? WAP? (Score:2)
I didn't know that monstrosity was still around. Kill it! Burn it with fire. Save the planet.
Re: (Score:2)
If you are familiar with it perhaps you can explain what Wet Ass Pussy Billing Fraud is. I have a few ideas but don't want to look foolish.
Re: (Score:1)
Stop stalking me.
Re: (Score:2)
By his own admission, its your kids he wants to stalk, and he says its for their own good.
Re: (Score:2)
Car analogy: Big Mack truck right in this little garage
Re: (Score:2)
Wow someone has no sense of humour.
Premium WAP? (Score:2)
This was a feature I never knew existed.. Anyone have more information than I got from google?
Re:Premium WAP? (Score:5, Interesting)
This was a feature I never knew existed.. Anyone have more information than I got from google?
After searching through the ancient scriptures of a long past civilisation I found out that premium WAP services existed to sell people ringtones through a subscription service. Apparently their phones would make different beeping noises every month.
Fortunately as with all archaic and ill conceived ideas it has long passed to be forgotten in the sands of time along with the CueCat and Realplayer.
Re: (Score:1)
I remember when it cost extra 'points' (and thus, money) to transfer the photos from my flipfone to any other device.
There are probably still 'plans' out there where that is the case.
Re: (Score:2)
RealPlayer? Now that's a name I haven't heard in a long time. A long time.
Re: (Score:1, Troll)
This was a feature I never knew existed
Of course you didn't. But your wife had it whenever I came over, and google had nothing to do with it.
Re: (Score:2)
This wasn't good enough I'm giving you a 2nd chance to do better.
Re: (Score:2)
Re: (Score:2)
These still exist, and you can find them advertised on late night TV constantly still. The popularity of them has died down, but many services use premium texts for various things like notifications and such.
The othe
Re: (Score:2)
The free WAP sites push you pretty hard into signing up for the premium WAP sites. I'm surprised you have not encountered this before. Or maybe the article author didn't realize that WAP means something else in 2020.
Re: (Score:2)
Ask Cardi B
Why is this not depreciated? (Score:2)
WAP frankly has no business on a smartphone. Or can someone enlighten me why a modern phone would need access to WAP subscription services?
Re: (Score:2)
Re: (Score:2)
Money. Always money
Whose? No I mean what benefit exists for supporting this at any level? Google doesn't make money from supporting it. I get it carriers may because they can skim off the top, but if the service literally exists to just scam people or do stuff you can get via the actual internet without carriers skimming off the top, why support this?
Re: (Score:2)
I doubt Android has native support for WAP as such. It's just XML over HTTP with MIME types like application/vnd.wap.xhtml+xml. If you know the URLs of the WAP services, you can access it from an application with libcurl and expat.
when? (Score:2)
Re: (Score:2)
Numbers numbers (Score:1)
Re: (Score:1)
You misspelled fishing. And most fly fishermen wear wader boots that keep their posterior dry.
Or were you referring to oxen wading out into the river to catch fish? Because asses are herbivores, though I suppose they could somehow be trained to catch fish.
WAP? (Score:1)
WAP? (Score:2)
Re: (Score:1)
Apps. What a great idea. (Score:1)
Tell me again why installing a flashlight / audio recording / calculator app from some random Ting Tong Tang Chinese company is a good idea? (Or from some goddamn developer whose last name sounds like a Russian vodka)
Folks need to reconsider what they're putting on their phones. Is it *really* that important that your phone dialer reflect your individuality as a person?
Re: (Score:2)
Early Computers were built to do a single job.
Then they created them in a way where you could rewire them to do slightly different jobs.
Then you no longer didn't need to wire them, but you can give them instructions via cards or paper tape, with holes in them.
Technology moved on and faster methods and greater storage and faster processing was available to create and store multiple sets of instructions and ran with increasingly complexity.
The Programmed Application was born or as we call it today the App.
The
Re: (Score:2)
I don't disagree with the potential utility and possibilities for making a device more useful. I question the execution. Android's "privacy second" approach has ensured that apps function as one huge data leak. It doesn't have to be that way but evidently there's profit to be had.
Re: (Score:2)
If only they had a fleshlight app. Then we'd never need to worry about WAP again.
Macaroni in the pot
How did they get 120,000 installs so quickly? (Score:2)
With so many apps released daily, even good apps are lost in the stream unless they manage to build a strong word of mouth or they pay to advertise the apps.
Did google receive payment to promote these apps? Did they use another mechanism to fool the users into installing these apps?
The article lacks a lot of pertinent information.
WAP still alive? (Score:2)
Seriously, is WAP still alive? Does "WAP billing" work anywhere in the world? :D
I had the first ever WAP phone back in 1998 - the Siemens S25 (also first color screen - 4 colors). Because it was the first and used WAP 1.0, when WAP was actually rolled out by some sites a newer version of the protocol was used so my phone never managed to visit any WAP sites... My next phone could potentially show WAP sites, but why would I want to visit those stupid things ?
BTW, that ancient phone still works, I tried it a
Re: (Score:2)
Does "WAP billing" work anywhere in the world?
Apparently it does or else no one would go to the effort of trying to make malware to take advantage of it.
Cardi B WAP (Score:1)
WAP (Score:2)
Worms in this house
There's some worms in this house
There's some worms in this house
There's some worms in this house(Hol' up)
I said certified freak, sevendays a week
Wireless Application Protocol, make that bank account weak!
Yeah, yeah, yeah, yeah
Yeah, you fuckin' with some Wireless Application Protocol
Bring a bucket and a mop for this Wireless Application Protocol
Give me everything you got for this Wireless Application Protocol
I don't have the strength to continue :(
WAP still lives? I thought WAP died 15 years ago (Score:1)
I worked on Cingular Wireless' brand new National Networks team back in 2000-2004, where we ran their Nokia WAP Gateway and related upstream systems for years. A WAP gateway was essentially an HTTP proxy that translated UDP based WAP protocol from the flip phones into regular TCP based HTTP for browsing the web. These were the days when 9.6Kbps data connections was the best you could expect, so WAP was needed because it was far more efficient than HTTP. Once wireless networks reached 2G and got faster (eg 6