Skip to main content

New Phone Malware Signs You Up For Expensive Subscriptions

By December 10, 2020May 5th, 2022Cybersecurity

Researchers at Check Point have recently discovered a new malware threat that  targets mobile device users. Dubbed WAPDropper, this is a multi-function bit of code that’s capable of being outfitted with a variety of payloads. At present, the hackers controlling WAPDropper have seen fit to include a premium dialer module, which gives the code the ability to sign the owner of the infected device up for a wide range of paid premium services.

If you’re unfortunate enough to wind up with this malware strain on your device, the first thing WAPDropper will do will be to gather information about your device.

The data it will steal includes:

  • Device ID
  • Mac Address
  • Your Subscriber ID
  • The make and model of your device
  • A list of all the apps you have installed
  • A list of all services that are running
  • The topmost activity package name
  • Whether or not the screen is currently turned on
  • Whether or not notifications are enabled for each installed app
  • Whether or not each installed app can draw overlays
  • How much free storage space you’ve got
  • And the total amount of RAM the device has, and how much RAM is currently available

Having gathered the information, it will then reach out to it Command and Control server and relay those details back to the hackers. Then it will download and install the premium dialer.

Many premium based services rely on image-based CAPTCHA challenges, and WAPDropper was designed to get around those via machine learning routines built into the code.

This is a highly advanced, incredibly capable malware strain that could see you racking up hefty monthly charges without even realizing it until you get the first month’s bill. If there’s a silver lining here, it lies in the fact that at least to this point, the campaign is only targeting victims in Malaysia and Thailand. That, at least for the moment, makes it somewhat limited in scope.

That’s small consolation for people living in those regions, of course, and that could change at any time. So this is definitely a threat to be aware of, especially if you live, work, or travel in the areas where it’s currently operational.

Jason Manteiga

Jason J. Manteiga, Vice President of Olmec Systems, has been part of the company for over the past 20 years. He believes that having a great work environment and supportive team, is the ultimate key to success. Since being in the IT realm for over 25 years, Jason, along with Olmec Systems, has been on the Inc. 5000 “List of America’s Fastest Growing Private Companies” and Channel Futures MSP 501 “Top Managed Service Providers in North America,” along with other awards and nominations. Jason earned his Bachelor Degree in Information Systems from the New Jersey Institute of Technology. He also holds certifications in Microsoft MCSE, VMWare VCP, and Cisco CCNA. In his spare time, Jason is a contributor for The Center for Social & Legal Research (Privacy Exchange) and a member of the Morris County Chamber of Commerce. His hobbies include cycling and kayaking. He currently lives in New Jersey with his wife, two daughters and son.