Android Toll Fraud Malware Can Subscribe Users To Premium Services Without Consent


Toll fraud malware variants are reportedly targeting Android devices with API level 28 or Android 9.0 or older OS versions, according to Microsoft’s 365 Defender team.

Microsoft’s 365 Defender team has issued a warning to users about the rising prevalence of Android malware that forces users to subscribe to premium services against their will.

The researchers described the Toll Fraud malware, a type of billing fraud when malicious programmes sign customers up for premium services without their knowledge or agreement, in a blog post.It is one of the most common forms of Android malware, but because it is constantly changing, it is also one of the most hazardous.

How Toll Fraud malware works?

According to the 365 Defender team at Microsoft, the Toll Fraud virus that targets Android smartphones makes use of the Wireless Application Protocol, or WAP, billing system that is often used by legitimate apps for subscription services.

Customers can subscribe to paid content from websites that accept this protocol via WAP billing, and they will be directly charged on their mobile phone bill.The customer initiates a session with the service provider through a cellular network and navigates to the website that offers the paid service. This is where the subscription process begins.The user must click a subscription button in a subsequent step, and in some situations, they will receive a one-time password (OTP) that must be provided back to the service provider in order to confirm the membership, according to the team’s blog post.

On the other hand, the toll fraud software conceals the overall process by making subscription purchases on the user’s behalf.To transition to a mobile network, it first instructs the target consumers to turn off their Wi-Fi connection.The subscription website is then secretly navigated to, and the subscription button is automatically clicked.If the subscription process calls for an OTP, it intercepts the OTP, sends the OTP to the service provider, and then stops sending SMS notifications to the user so they won’t be aware of it.

Before executing these actions, the malware does a large and permissionless inspection to determine the subscriber’s country and mobile network using the mobile country codes (MCC) and mobile network codes (MNC).The goal of this inspection is to target users in a certain nation or region, the team continued.

Who is affected by Toll Fraud malware?

Toll fraud malware variants are reportedly targeting Android devices with API level 28 or Android 9.0 or older OS versions, according to Microsoft’s 365 Defender team.Users who are using the most recent mobile OS version on their devices are therefore secure.

How to safeguard yourself from Toll Fraud malware?

Downloading the most recent software update for your smartphone is one of the simplest ways to safeguard yourself from this infection.Additionally, avoid downloading Android apps from unreliable sources.Additionally, if an application doesn’t clearly explain why it needs SMS rights, notification listener access, or accessibility access, don’t provide it.

Found this article interesting? Follow BG on Facebook, Twitter and Instagram to read more exclusive content we post.

0 0 votes
Article Rating
Notify of

Inline Feedbacks
View all comments

Latest news

LG Ultra PC 14-Inch, 16-Inch Laptops With AMD Ryzen 5000 Series Processors Launched

The laptops of the LG Ultra PC series include anti-glare IPS panels with minimal bezels. Last week, LG introduced 14-inch...

Samsung Galaxy A23 5G With 6.6-Inch Infinity-V Display, 5,000mAh Battery Launched

Table of ContentsSamsung Galaxy A23 5G price, availability (expected)Samsung Galaxy A23 5G specifications Samsung has not yet revealed the Galaxy...

LG Ultra Tab With 10.35-Inch Display, Snapdragon 680 SoC Launched

Table of ContentsLG Ultra Tab priceLG Ultra Tab specifications The 7,040mAh battery in the LG Ultra Tab supports 25W rapid...

OnePlus 10T Glacier Mat Case With Sustainable Circulation Cooling, Bumper Case Sandstone Launched In India

Table of ContentsOnePlus 10T Glacier Mat Case, Bumper Case Sandstone, Tempered Glass price in India A tempered glass for the...

Latest Updates

Must read

WhatsApp Rolls Out Voice Message Preview Feature to Let You Review Your Recording Before Sending

WhatsApp on Tuesday announced the rollout of an ability...

Instagram Testing Subscriptions Feature to Help Creators Generate Monthly Revenue

Instagram is planning to add a subscriptions feature through...

You might also likeRELATED
Recommended to you

Would love your thoughts, please comment.x