Cyber security experts are warning users to beware of a WAPDropper, a new mobile malware threat that could sign you up for premium-rate phone services and could shock you the next time you get your bill.
In a recent report, Check Point discovered the scamsters use WAPDropper to download and stealthily execute additional malware onto infected mobile devices.
“This type of scam is known as International Revenue Share Fraud (IRSF) and it’s big business, generating an estimated $4 to $6 billion per year for fraudsters,” Check Point wrote in a blog post.
The experts further added this type of multi-function ‘dropper’ has become a common type of mobile infection over the past year:
“WAPDropper consists of two different modules: the dropper module, which is responsible for downloading the 2nd stage malware, and a premium dialer module that subscribes victims to premium services offered by legitimate sources – In this case, telecommunication services providers in two countries in Southeast Asia – Thailand and Malaysia.”
Moreover, users should be wary of downloading mobile apps from unofficial app stores, as this is most common method of getting infected from mobile malware.
On a similar note, the FBI issued a new warning just this past June that cyber actors are also using banking trojans and fake mobile banking apps to steal your banking information.