Invisible browser powers one-million install malware

Evina’s fight against mobile malware is producing dividends with the anti-fraud firm announcing a significant victory against fraudsters.

Evina’s efforts to uncover malicious mobile applications saw the Paris-headquartered scale-up recently unmask malware that has been downloaded by over a million mobile users.

“Malware and ransomware that targets hundreds of millions of mobile users worldwide can have devastating personal, productivity and financial consequences. It is of the utmost importance for individuals, companies and countries that Evina remains vigilant against mobile malware,” says David Lotfi, CEO of Evina.

“Mobile networks, media publishers, advertising clients and others using the EVINA DCBprotect mobile anti-fraud solution can rest assured they are safe and properly-protected from this newly-discovered mobile malware,” explains Mr Lotfi.

Located on GooglePlay, the Trojan-based malware known as Troll has now been detected in at least three applications including the popular game, Parkour Roller. In a further twist, when users become aware of the malware through excessive mobile charges, Thai bots work to keep the average App Store rating of the infected game high.

This particular brand of malware uses an invisible browser to cause a cellular user’s device to stimulate interaction with online adverts, premium mobile services and more. In addition, disabling a device’s WiFi connection is a key component of the fraud because of the mobile charges that can follow.

All of this is done without the user noticing which means there is tremendous scope to cause a massive amount of harm to the personal lives, bank accounts and general productivity of mobile users located all over the globe.

“To protect our clients and mobile users generally, Evina runs regular monitoring of potential Android-related threats. Our team found the Troll malware by analysing the app’s underlying code using our proprietary malware recognition technology,” Mr Lotfi explained.

Typically, embedded URLs and javascript commands redirect to premium services and to sites containing ads from where the fraudsters are remunerated.

Evina has informed Google of the infected application in the hope that it will be removed. Generally, Evina advises mobile users to be cautious when downloading certain content from app stores. Evina’s advice for mobile users is to avoid flashlight, scanner and wallpaper applications.

Anticipating that fraudulent mobile payments would continue to increase, Evina spent over a decade developing Evina DCBprotect into the world’s leading telecoms payment protection solution. “Mobile fraud doesn’t have borders. By helping to uncover mobile malware, we are ensuring the long-term sustainability of the entire mobile ecosystem and, by implication, safeguarding the health of many intertwined world socioeconomic systems,” concludes Mr Lotfi.

The Fraud Observer

Do you like this article ?

Articles, interviews, analyzes, debates ... Once a month, the most valuable insights and news to fight fraud and grow your business.