A cyber-security company, Kaspersky Lab, has stated that a new malware Xafecopy Trojan has been discovered in India. Apparently, the malware is said to be stealing your money by tapping into your smartphone.
According to the report issued by Kaspersky Lab:
“Experts have uncovered a mobile malware targeting the WAP billing payment method, stealing money through victims’ mobile accounts without their knowledge”
Also Read: New undetectable, file-less computer virus targeting telecom industry globally
Functionality of Xafecopy Trojan
Xafecopy Trojan operates by installing at the smartphone of the victim, it then mimics as BatteryMaster and considers itself as a super safe application. After gaining place in the smartphone, the malware loads malicious content and later utilizes it for transactions through WAP (Wireless Application Portal) billing.
It is noteworthy to state that WAP is essentially a form of mobile payment which charges the mobile phone bill of the user directly.
After loading the malicious content, the malware then quietly subscribes itself to a handful of services. In order to dodge ‘captcha’ system, the malware uses technology. One of the key hacks of the malware is that a user is not required to help by setting any sort of passwords.
Quick Read: India to upgrade its mobile phone security and the reason is Pakistani hackers
Who are the victims of this malware?
40% of the targets have been discovered in India.
The report stated:
“Xafecopy hit more than 4,800 users in 47 countries within the space of a month, with 37.5 per cent of the attacks detected and blocked by Kaspersky Lab products targeting India, followed by Russia, Turkey and Mexico”
The experts at Kaspersky Lab feel that cyber criminals, who have developed this malware, are sharing the code among themselves. In addition, they also said that cyber-attacks through WAP are on the charge; however, this is not the only strategy which is being used by the hackers.
A senior malware analyst at Kaspersky Lab, Roman Unuchek said:
“The malware has also been detected with different modifications, such as the ability to text messages from a mobile device to premium-rate phone numbers, and to delete incoming text messages to hide alerts from mobile network operators about stolen money”
Read More: Avoid online attacks with these simple security tips
Android users should be wary of downloading apps
Keeping in mind the hacks and the malware, the managing director of Kaspersky Lab (South Asia), Altaf Halde has cautioned the android users to remain exceptionally vigilant which downloading an app from the Play Store.
“It is best not to trust third-party apps; and whatever apps users do download should be scanned locally with the Verify Apps utility. But beyond that, Android users should be running a mobile security suite on their devices”
The idea is to remain watchful so that no malware can infect your smartphone device.