Microsoft warns about Android malware that could secretly steal your money

Android Central
2022-07-05

What you need to know

  • Microsoft has issued a warning to Android users about toll fraud malware that is constantly evolving.
  • This type of malware subscribes unsuspecting users to premium services without their knowledge.
  • Hefty subscription fees will then be charged to your monthly phone bill without your consent.

Microsoft has warned Android users who still use older versions of the operating system about an evolving type of malware that can empty their wallets without their knowledge.

The Microsoft 365 Defender team has shared its findings about toll fraud malware, a type of billing fraud designed to sign you up for unwanted premium services without your consent. According to the researchers, it is one of the most dangerous types of malware because it is constantly evolving.

The team said that toll fraud malware abuses a billing mechanism called Wireless Application Protocol (WAP) to attack Android users. Legitimate apps use WAP to charge users for paid content through their mobile phone bill.

However, the toll fraud malware automatically enrolls you in premium services without your knowledge. Because it relies on cellular networks to function, it begins the attack once you are disconnected from a Wi-Fi network. When you're connected to a mobile network, the malware opens the subscription page in question and subscribes to a service on your behalf. It will then read an OTP (one-time password), if any, and fill out the necessary fields to complete the subscription process. Attackers are able to hide this activity by disabling SMS notifications.

This malware poses a number of risks, chief among them being the hefty charges on your monthly phone bill. Worse, the toll fraud malware is designed to avoid detection.

Microsoft says toll fraud malware hides behind apps that appear to be legitimate but are designed to request permissions beyond what their functions require. A camera app that requests SMS permissions is a common example.
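To make the permission mismatch concrete, here is an added example (not from Microsoft's report or from this article) that audits a decoded AndroidManifest.xml for permissions matching the behaviors described above. The category baseline, the permission-to-behavior mapping and the sample manifest are assumptions constructed for illustration; the manifest is assumed to be already decoded to text XML, for instance with apktool.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"
P = "android.permission."

# Permissions tied to the behaviors the article describes (this mapping is an assumption).
RISKY = {
    P + "READ_SMS": "read a one-time password from SMS",
    P + "RECEIVE_SMS": "intercept an incoming one-time password",
    P + "CHANGE_WIFI_STATE": "switch Wi-Fi off to force mobile data",
    P + "BIND_NOTIFICATION_LISTENER_SERVICE": "see and dismiss SMS notifications",
}
# Hypothetical baseline of what each app category plausibly needs.
EXPECTED = {
    "camera": {P + "CAMERA"},
    "messaging": {P + "READ_SMS", P + "RECEIVE_SMS", P + "SEND_SMS"},
}

def requested_permissions(manifest_xml):
    """Collect permissions from <uses-permission> and from <service> declarations."""
    root = ET.fromstring(manifest_xml)
    perms = {e.get(ANDROID + "name") for e in root.iter("uses-permission")}
    # A notification listener is declared on a <service>, not via <uses-permission>.
    perms |= {e.get(ANDROID + "permission") for e in root.iter("service")}
    perms.discard(None)
    return perms

def audit(manifest_xml, category):
    """Return (permission, reason) pairs that exceed the category baseline."""
    extra = requested_permissions(manifest_xml) - EXPECTED.get(category, set())
    return sorted((p, RISKY[p]) for p in extra if p in RISKY)

# Constructed sample manifest for an app that presents itself as a camera app.
SAMPLE = """<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.camera">
  <uses-permission android:name="android.permission.CAMERA"/>
  <uses-permission android:name="android.permission.READ_SMS"/>
  <uses-permission android:name="android.permission.CHANGE_WIFI_STATE"/>
  <application>
    <service android:name=".Listener"
             android:permission="android.permission.BIND_NOTIFICATION_LISTENER_SERVICE"/>
  </application>
</manifest>"""

if __name__ == "__main__":
    for perm, why in audit(SAMPLE, "camera"):
        print(f"{perm}: could be used to {why}")
```

The same manifest audited as a "messaging" app no longer flags READ_SMS, which is the point: the signal is the gap between what an app claims to do and what it asks for.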

The researchers noted that this malware targets Android phones running Android 9 and older versions. This means you're safe if you're running Android 10 or higher, but it still pays to use some of the best antivirus apps for Android for extra protection. More importantly, Microsoft reminds users not to install apps from untrusted sources.


Comments / 23


Why not add an option to allow WAP to be turned off for those of us that don't want anything added to our phone bills?

Patrick Steele

good luck stealing my money thanks to the government and the rich I'm lucky I have $3 in coins


🖕 Bill Gates and his data mining company Microsucks. Linux will set you free from the constant money machine.

