Microsoft issues advisory on malware for Android users

Toll fraud, a type of billing fraud, uses a multi-step attack flow to cause significant financial loss

Due to its complex cloaking methods, user-side prevention is crucial to maintaining the device's security (Photo by Clint Patterson, Unsplash)


In a blog post, Microsoft recently issued a private threat intelligence advisory about malware that might threaten your Android device.

One of the most common types of Android malware is toll fraud malware, a subset of billing fraud in which malicious programmes sign users up for premium services without their knowledge or agreement. Toll fraud differs from other types of billing fraud, such as SMS fraud and call fraud, in its methods. To send messages or make calls to a premium number, SMS fraud and phone fraud use a simple attack flow, whereas toll fraud uses a sophisticated multi-step attack flow that malware developers are always working to enhance. 


Toll fraud often infiltrates a device via fraudulent subscriptions; it may also fetch premium service offers and initiate subscriptions without the knowledge of the user, force cellular communication, intercept OTPs and suppress notifications to ensure the user remains unaware of the malware.

The malware first drew media attention in 2017, when its first major malware family, Joker, found its way to the Google Play Store. Second only to spyware, it accounted for 34.8% of installed Potentially Harmful Applications (PHA) from the Google Play Store in the first quarter of 2022. Despite all of this focus, there isn't much information revealed on how this particular sort of malware executes its fraudulent activities. 

Here are some ways to protect your device from toll fraud 

Toll fraud is one of the most prevalent types of malware, and it mostly causes significant financial loss. Due to its complex cloaking methods, user-side prevention is crucial to maintaining the device's security. To safeguard your device, it is important to know the characteristics that can help you identify this family of malware. Microsoft grouped these characteristics into three categories:

Primary characteristics – patterns in plaintext included in the application that can be analyzed statically

Secondary characteristics – common API calls used to conduct toll fraud activities

Tertiary characteristics – patterns in Google Play Store metadata such as the application’s category, the developer’s profile, and user reviews, among others


In its security advisory, Microsoft also provided a list of things one can do to keep the malware at bay. Here are some of them.

1.  Avoid sideloading (installing Android apps from untrusted sources) and always check for device updates as a general rule. 

2.  Avoid granting SMS permissions, notification listener access, or accessibility access to any applications without a strong understanding of why the application needs it. These are powerful permissions that are not commonly needed.

3.  Use a solution such as Microsoft Defender for Endpoint on Android to detect malicious applications.

4.  If a device is no longer receiving updates, strongly consider replacing it with a new device.
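To make point 2 concrete, the added Python example below (not part of Microsoft's advisory or the original article) checks an app's AndroidManifest.xml for SMS permissions and for notification listener or accessibility services. It assumes the manifest has already been decoded from the APK's binary form into text XML; the function name `audit_manifest` and the sample manifest are constructed for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Permissions behind the three capabilities named in point 2 of the list above.
SMS_PERMS = {
    "android.permission.SEND_SMS",
    "android.permission.RECEIVE_SMS",
    "android.permission.READ_SMS",
}
SERVICE_BINDINGS = {
    "android.permission.BIND_NOTIFICATION_LISTENER_SERVICE": "notification listener",
    "android.permission.BIND_ACCESSIBILITY_SERVICE": "accessibility service",
}

def audit_manifest(manifest_xml):
    """Return sorted findings for SMS, notification-listener and accessibility use."""
    root = ET.fromstring(manifest_xml)
    findings = set()
    # SMS access is requested through <uses-permission> elements.
    for elem in root.iter("uses-permission"):
        name = elem.get(ANDROID_NS + "name", "")
        if name in SMS_PERMS:
            findings.add("sms: " + name.rsplit(".", 1)[-1])
    # Listener and accessibility access are declared as <service> entries
    # guarded by a BIND_* permission; the user then enables them in Settings.
    for svc in root.iter("service"):
        kind = SERVICE_BINDINGS.get(svc.get(ANDROID_NS + "permission", ""))
        if kind:
            findings.add(kind + ": " + svc.get(ANDROID_NS + "name", "?"))
    return sorted(findings)

# Constructed sample manifest (decoded text XML, not taken from a real app).
SAMPLE = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.wallpapers">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.RECEIVE_SMS"/>
  <application>
    <service android:name=".NotifSvc"
        android:permission="android.permission.BIND_NOTIFICATION_LISTENER_SERVICE"/>
  </application>
</manifest>"""

if __name__ == "__main__":
    for finding in audit_manifest(SAMPLE):
        print("review:", finding)
```

A finding is a prompt to ask why the app needs that access, not proof of malice: messaging apps and screen readers legitimately declare these too.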


