Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Android Google Security

Google Removes 17 Android Apps Caught Engaging In WAP Billing Fraud (zdnet.com) 57

Google has recently removed 17 Android applications from the official Play Store because they were infected with the Joker (aka Bread) malware. ZDNet reports: "This spyware is designed to steal SMS messages, contact lists, and device information, along with silently signing up the victim for premium wireless application protocol (WAP) services," Zscaler security researcher Viral Gandhi said this week. The 17 malicious apps were uploaded on the Play Store this month and didn't get a chance to gain a following, having been downloaded more than 120,000 times before being detected.

Following its internal procedures, Google removed the apps from the Play Store, used the Play Protect service to disable the apps on infected devices, but users still need to manually intervene and remove the apps from their devices. But this recent takedown also marks the third such action from Google's security team against a batch of Joker-infected apps over the past few months. [...] The way these infected apps usually manage to sneak their way past Google's defenses and reach the Play Store is through a technique called "droppers," where the victim's device is infected in a multi-stage process. Malware authors begin by cloning the functionality of a legitimate app and uploading it on the Play Store. This app is fully functional, requests access to dangerous permissions, but also doesn't perform any malicious actions when it's first run.

Because the malicious actions are usually delayed by hours or days, Google's security scans don't pick up the malicious code, and Google usually allows the app to be listed on the Play Store. But once on a user's device, the app eventually downloads and "drops" (hence the name droppers, or loaders) other components or apps on the device that contain the Joker malware or other malware strains.

This discussion has been archived. No new comments can be posted.

Google Removes 17 Android Apps Caught Engaging In WAP Billing Fraud

Comments Filter:
  • Seriously, I don't care they removed from the Play Store.

    I DO care they can't have a pop-up warning the users that have it installed to remove it NOW.

    Also, I DO care they aren't calling the police directly to grab those crooks and throw them in jail.

    Removing a thieving app from your store is NOT enough.

    • Re:I don't care (Score:4, Interesting)

      by nospam007 ( 722110 ) * on Tuesday September 29, 2020 @05:40AM (#60553248)

      I don't care either.
      It's about the 6327th time they removed such criminal apps from their store.

      That's the reason I bought an iPhone in the first place.

    • The whole point of an "App Store" is that everything is supposed to be curated. There should never be a problem. If every submission isn't carefully checked to make sure there is no malware then your "App Store" is pointless bullshit.

      • The point of an App Store, was a single place people can go to download apps, with a single installer. And for the store owner to collect a percentage of the sale.

    • Businesses function off of profit. Bad businesses are focused on the short term profit, Good businesses plan for the long term profit. Most Businesses are in the middle.

      Google wants to keep its play store profitable. That means for the short term, they want to sell as many apps as it can. In the Long term they want people coming back and using the site over and over again.
      If the customer doesn't feel like they can trust it, they will switch to a different platform that they trust more.

      A company will not

      • If the customer doesn't feel like they can trust it, they will switch to a different platform that they trust more.

        Except there is a duopoly, both of which suck (Android/Google, and Apple). There is no competition. So Alphabet/Google doesn't have to give a shit.

    • I DO care they can't have a pop-up warning the users that have it installed to remove it NOW.

      Why can't they? Isn't that what Play Protect is for?

    • I DO care they can't have a pop-up warning the users that have it installed to remove it NOW.

      They do. Do you have Play Protect enabled? It will notify you when known-malicious apps are on your device (including if they were on your device before they were identified as malicious). In cases of really dangerous apps Google instructs Play Protect to remove the app first, then tell you it did. This is really rare, though, reserved for egregiously bad apps. I don't think it's been used more than a handful of times.

      • I do have Play Protect enabled, but so far the only thing it has ever done is to check "on installation". After that, never hear of it ever again... ...which might mean I do not install crapware at all... who knows!

        • I do have Play Protect enabled, but so far the only thing it has ever done is to check "on installation". After that, never hear of it ever again... ...which might mean I do not install crapware at all... who knows!

          Yep, it means you don't install crapware. Most people don't, actually. In spite of the regularity with which we hear about these bad apps getting into the Play Store, the percentage of users who install any of them is miniscule. According to the 2018 Annual Android Security Report [android.com] (I'm not sure why the 2019 report isn't out), only 0.08% of Android devices that only install from the Play store have potentially-harmful apps (PHA) on them. That statistic has to be tracked retroactively, of course, because *kno

    • it's probably a situation where the people who design these apps are in areas that are outside the jurisdiction of the US legal system.
  • I didn't know that monstrosity was still around. Kill it! Burn it with fire. Save the planet.

  • This was a feature I never knew existed.. Anyone have more information than I got from google?

    • Re:Premium WAP? (Score:5, Interesting)

      by thegarbz ( 1787294 ) on Tuesday September 29, 2020 @05:45AM (#60553252)

      This was a feature I never knew existed.. Anyone have more information than I got from google?

      After searching through the ancient scriptures of a long past civilisation I found out that premium WAP services existed to sell people ringtones through a subscription service. Apparently their phones would make different beeping noises every month.

      Fortunately as with all archaic and ill conceived ideas it has long passed to be forgotten in the sands of time along with the CueCat and Realplayer.

      • I remember when it cost extra 'points' (and thus, money) to transfer the photos from my flipfone to any other device.

        There are probably still 'plans' out there where that is the case.

      • RealPlayer? Now that's a name I haven't heard in a long time. A long time.

    • Re: (Score:1, Troll)

      by mobby_6kl ( 668092 )

      This was a feature I never knew existed

      Of course you didn't. But your wife had it whenever I came over, and google had nothing to do with it.

    • by EvilSS ( 557649 )
      Think 1-900 numbers, but for text messages. It was a way for phone companies to try to allow themselves and other companies sell you shit on your feature phone before the advent of modern smart phones. You text the service, and it bills back through your phone company, who of course takes a cut.
      • by tlhIngan ( 30335 )

        Think 1-900 numbers, but for text messages. It was a way for phone companies to try to allow themselves and other companies sell you shit on your feature phone before the advent of modern smart phones. You text the service, and it bills back through your phone company, who of course takes a cut.

        These still exist, and you can find them advertised on late night TV constantly still. The popularity of them has died down, but many services use premium texts for various things like notifications and such.

        The othe

    • by jrumney ( 197329 )

      The free WAP sites push you pretty hard into signing up for the premium WAP sites. I'm surprised you have not encountered this before. Or maybe the article author didn't realize that WAP means something else in 2020.

    • Ask Cardi B

  • WAP frankly has no business on a smartphone. Or can someone enlighten me why a modern phone would need access to WAP subscription services?

    • Money. Always money
      • Money. Always money

        Whose? No I mean what benefit exists for supporting this at any level? Google doesn't make money from supporting it. I get it carriers may because they can skim off the top, but if the service literally exists to just scam people or do stuff you can get via the actual internet without carriers skimming off the top, why support this?

        • by _merlin ( 160982 )

          I doubt Android has native support for WAP as such. It's just XML over HTTP with MIME types like application/vnd.wap.xhtml+xml. If you know the URLs of the WAP services, you can access it from an application with libcurl and expat.

  • Nobody arrested?
    • by Pascoea ( 968200 )
      I'd assume that this is a foreign endeavor. We don't have jurisdiction to arrest Chinese, Russian, Indian, etc. citizens.
  • "... didn't get a chance to gain a following, having been downloaded more than 120,000 times ..." (Isn't that kind of an oxymoron?) If the malware was used 120,000 times to subscribe people for paid services, the gang has already earned millions...
  • by bn-7bc ( 909819 )
    Not to sound snobbish or anything but, who the hell still uses WAP? I was under the impression that wap pretty much died once3G (no this is not a typo) was rolled out and smartphones became 70%+ of the market, but apparently I was wrong,because if WAP realy was dead the fraudsters would have moved on
  • You keep using that word. I do not think it means what you think it means.
  • Tell me again why installing a flashlight / audio recording / calculator app from some random Ting Tong Tang Chinese company is a good idea? (Or from some goddamn developer whose last name sounds like a Russian vodka)

    Folks need to reconsider what they're putting on their phones. Is it *really* that important that your phone dialer reflect your individuality as a person?

    • Early Computers were built to do a single job.
      Then they created them in a way where you could rewire them to do slightly different jobs.
      Then you no longer didn't need to wire them, but you can give them instructions via cards or paper tape, with holes in them.
      Technology moved on and faster methods and greater storage and faster processing was available to create and store multiple sets of instructions and ran with increasingly complexity.
      The Programmed Application was born or as we call it today the App.
      The

      • I don't disagree with the potential utility and possibilities for making a device more useful. I question the execution. Android's "privacy second" approach has ensured that apps function as one huge data leak. It doesn't have to be that way but evidently there's profit to be had.

    • If only they had a fleshlight app. Then we'd never need to worry about WAP again.

      Macaroni in the pot

  • With so many apps released daily, even good apps are lost in the stream unless they manage to build a strong word of mouth or they pay to advertise the apps.

    Did google receive payment to promote these apps? Did they use another mechanism to fool the users into installing these apps?

    The article lacks a lot of pertinent information.

  • Seriously, is WAP still alive? Does "WAP billing" work anywhere in the world?
    I had the first ever WAP phone back in 1998 - the Siemens S25 (also first color screen - 4 colors). Because it was the first and used WAP 1.0, when WAP was actually rolled out by some sites a newer version of the protocol was used so my phone never managed to visit any WAP sites... My next phone could potentially show WAP sites, but why would I want to visit those stupid things ? :D
    BTW, that ancient phone still works, I tried it a

    • by EvilSS ( 557649 )

      Does "WAP billing" work anywhere in the world?

      Apparently it does or else no one would go to the effort of trying to make malware to take advantage of it.

  • Listen.. If you're doing financial transactions with wet ass pussy, you're bound to get a little fraud every once in a while.
  • Worms in this house
    There's some worms in this house
    There's some worms in this house
    There's some worms in this house(Hol' up)
    I said certified freak, sevendays a week
    Wireless Application Protocol, make that bank account weak!

    Yeah, yeah, yeah, yeah
    Yeah, you fuckin' with some Wireless Application Protocol
    Bring a bucket and a mop for this Wireless Application Protocol
    Give me everything you got for this Wireless Application Protocol

    I don't have the strength to continue :(

  • I worked on Cingular Wireless' brand new National Networks team back in 2000-2004, where we ran their Nokia WAP Gateway and related upstream systems for years. A WAP gateway was essentially an HTTP proxy that translated UDP based WAP protocol from the flip phones into regular TCP based HTTP for browsing the web. These were the days when 9.6Kbps data connections was the best you could expect, so WAP was needed because it was far more efficient than HTTP. Once wireless networks reached 2G and got faster (eg 6

Some people manage by the book, even though they don't know who wrote the book or even what book.

Working...