Report: Toll Fraud Emerges as Android’s Number One Threat

Mobile malware continues to run rampant, thanks to a growing glut of toll fraud malware – apps that have been engineered to bill its victims through premium SMS services. The malware type eclipsed spyware this year as the largest application-based threat according to mobile security firm Lookout who found it made up 79 percent of the malware it detected over the past year.

AndroidMobile malware continues to run rampant, thanks to a growing glut of toll fraud malware – apps that have been engineered to bill its victims through premium SMS services. The malware type eclipsed spyware this year as the largest application-based threat according to mobile security firm Lookout who found it made up 79 percent of the malware it detected over the past year.

“The prevalence of Toll Fraud grew explosively from 29 percent of the application-based threats in Q3 2011 to more than 62 percent in Q2 2012,” reads one part of the firm’s State of Mobile Security 2012 report, posted today on the company’s blog.

FakeInst, a type of toll fraud malware, has dominated mobile phones over the last six or seven months. Opfake, a FakeInst variant, has even been seen meshing with copies of Opera’s Mini browser as of late.

Lookout posits copies of the SMS Trojan have earned the malware’s authors approximately $10 million over the last nine months, mostly from victims in Russia and Eastern Europe.

The lack of SMS regulation in this region, coupled with rarely monitored app distribution sites had led to the increased proliferation of toll fraud.

It should come as no surprise that mobile devices in these parts of the world, China included, all have a better chance of being infected with some form of malware or spyware. For example, according to Lookout’s report, phones in Russia have a 42 percent chance of being infected with malware.

The results recall F-Secure’s recent Mobile Threat Report, which last month found 19 new families of malware and 21 new variants of previously known families of malware on the Android platform. While F-Secure’s report described an influx in infections from OpFake and Heuristic, Lookout’s report makes it clear that FakeInst has been rapidly increasing this year.

For Lookout’s full report, head to their blog.

Suggested articles

biggest headlines 2020

The 5 Most-Wanted Threatpost Stories of 2020

A look back at what was hot with readers — offering a snapshot of the security stories that were most top-of-mind for security professionals and consumers throughout the year.