One-click-fraud apps go from PC to Android

One-click-fraud apps that tempt victims with porn and trick them into paying sizeable sums to avoid embarrassment are popping up on Google Play in large numbers, reports Symantec.

The Android apps, which are used mostly in Japan, started appearing in Google's app store in the country in late January. Since then, the number counted by Symantec has grown to over 200 published by more than 50 developers. In the last two months, the apps have been downloaded at least 5,000 times.

The apps are a carryover from the world of PCs, where they have been a favorite of criminals for sometime. Whether on a notebook or an Android smartphone, the apps work in a similar fashion.

On the smartphone a person first downloads the app, which sometimes seeks network communication permission, but oftentimes does not require the user to accept any permissions at all. That's because the app is only used as a vehicle to fraudulent porn sites.

When people launch the app, it opens the phone's Web browser and takes them to a site that claims to have information on the visitors and demands money to keep it private.

"It's akin to ransomware in a way, but it's not locking your phone," said Satnam Narang, manager of Symantec Security Response. "The difference here is it's a shameful thing that you're viewing pornography."

Symantec does not know how much money has been collected through the scam, although the perpetrators can demand as much as $1,000, Symantec said in a blog post.

[Slide show: 10 tips for Android security]

In June 2012, Tokyo police arrested six men accused of fraud through the use of a one-click-fraud app offered through a third-party website. The group tricked 9,252 people into installing the app and conned 211 people into paying a total of $260,000. The gang also extracted personally identifiable information and stored it on a server.

While it is possible such apps could find their way to the U.S., there are no indications that they are headed this way. "It's certainly possible, but we have yet to see it," Narang said.

Symantec has reported the apps to Google, which has been removing them from the store. However, the number of apps popping up is an indication that developers are trying launch as many as possible in hopes that a few will go undetected long enough to find victims.

The developers are also building apps that are luring users by offering access to dating sites, which are considered sleazy in Japan.

Because anyone can build and distribute Android apps, criminals have been increasingly targeting the mobile OS with malware. In addition, there are no shortage of potential victims. More than half of the smartphones in the world are powered by Android.

Besides being used to steal data or extort money, Android malware has recently been discovered in targeted attacks against political activists in Europe.

Read more about wireless/mobile security in CSOonline's Wireless/Mobile Security section.

Tags mobile securityGooglesoftwareapplicationssymantecpornclick fraudData Protection | WirelessGoogle Play

Show Comments