Blog Layout

New Phone Malware Signs You Up For Expensive Subscriptions

sccomputerguys • Dec 10, 2020

Researchers at Check Point have recently discovered a new malware threat that  targets mobile device users. Dubbed WAPDropper, this is a multi-function bit of code that's capable of being outfitted with a variety of payloads. At present, the hackers controlling WAPDropper have seen fit to include a premium dialer module, which gives the code the ability to sign the owner of the infected device up for a wide range of paid premium services.

If you're unfortunate enough to wind up with this malware strain on your device, the first thing WAPDropper will do will be to gather information about your device.

The data it will steal includes:

  • Device ID
  • Mac Address
  • Your Subscriber ID
  • The make and model of your device
  • A list of all the apps you have installed
  • A list of all services that are running
  • The topmost activity package name
  • Whether or not the screen is currently turned on
  • Whether or not notifications are enabled for each installed app
  • Whether or not each installed app can draw overlays
  • How much free storage space you've got
  • And the total amount of RAM the device has, and how much RAM is currently available

Having gathered the information, it will then reach out to it Command and Control server and relay those details back to the hackers. Then it will download and install the premium dialer.

Many premium based services rely on image-based CAPTCHA challenges, and WAPDropper was designed to get around those via machine learning routines built into the code.

This is a highly advanced, incredibly capable malware strain that could see you racking up hefty monthly charges without even realizing it until you get the first month's bill. If there's a silver lining here, it lies in the fact that at least to this point, the campaign is only targeting victims in Malaysia and Thailand. That, at least for the moment, makes it somewhat limited in scope.

That's small consolation for people living in those regions, of course, and that could change at any time. So this is definitely a threat to be aware of, especially if you live, work, or travel in the areas where it's currently operational.

You May Need To Replace Old Cisco VPN Routers

By sccomputerguys 22 Jul, 2022
Do you own one or more of the following products made by Cisco? The RV110W Wireless-N VPN Firewall The RV130 VPN Router The RV130W Wireless-N Multifunction VPN Router The RV215W Wireless-N VPN ...

Some Requested Features May Be Coming To Microsoft Teams

By sccomputerguys 21 Jul, 2022
Do you use Microsoft Teams?  If so, you'll be thrilled to know that the Redmond Giant is continuing to pour resources into improving the software with a specific focus on audio and ...

It May Be Time To Update Your Business Logo

By sccomputerguys 20 Jul, 2022
Corporate branding can be worth its weight in gold and certain images are absolutely iconic.  The Golden Arches, the Nike "swoosh," and Apple's Apple all come to mind. Logo images give companies ...

Researchers Find New CPU Security Vulnerability

By sccomputerguys 19 Jul, 2022
Remember the Heartbleed scare we had a couple years back?  It was a nasty side-channel attack that was somewhat exotic and difficult to pull off, and it was absolutely devastating and sent ...

Ransomware Hackers Have Set Their Sights On Exchange Servers

By sccomputerguys 18 Jul, 2022
Microsoft Exchange servers are once more in the crosshairs of hackers around the world.  Most recently, hacking groups have been specifically targeting them to deploy BlackCat ransomware. As is common among ransomware ...

The Surprising Ways Mobile Technology Impacts Our Lives

By sccomputerguys 16 Jul, 2022
If you grew up in the days before the internet, it's absolutely staggering to think of all the ways that mobile technology has changed our lives (and mostly for the better). Remember ...

Edge Will Replace Internet Explorer After It Is Gone

By sccomputerguys 15 Jul, 2022
It may seem as though Internet Explorer is the browser that will not die, but according to Microsoft, it is now a step closer to breathing its last virtual breath. Microsoft has ...

New Panchan Botnet Targets Linux Servers

By sccomputerguys 14 Jul, 2022
If you're involved with IT Security at any level and if your network includes Linux servers, keep a watchful eye out for the new Panchan botnet. It first appeared in the wilds ...

How To Protect Your Company With Cybersecurity Awareness

By sccomputerguys 13 Jul, 2022
These days, companies spend significant sums of money to protect themselves from cyber criminals.  The threat matrix is vast, and attacks can come from almost any quarter. That is why many companies ...

Data Breach Hits One Of America’s Largest Healthcare Providers

By sccomputerguys 12 Jul, 2022
Do you receive healthcare of any kind from Kaiser Permanente?  If so, be aware that they recently published a data breach notification indicating that an unidentified attacker accessed an email account that ...
More Posts
Share by: