Popular cyber security firm, Kaspersky said in a report that they have recently detected a malware in India which steals money from the victims through their mobile phones. As much as 40% of all the target of the malware has been detected in India.
Malware Xafecopy Trojan targets the WAP billing payment method and steals money from their mobile accounts without their knowledge. Xafecopy Trojan secretly disguises itself into useful apps like Battery Master and then clandestinely loads the malicious to your device. In the meantime, your phone operates normally without any problem.
Once the code becomes active, with Wireless Application Protocol (WAP) billing, a type of mobile payment that charges users directly to their mobile bills, the malware Xafecopy automatically clicks on various web pages. Also, it subscribes users to a number of undesirable services to generate revenue through false means. The process does not require a user to set up payment gateway like a credit card or a debit card or authentication credentials like a username and password. It can also send a text message from victim’s phone to a premium phone number and delete incoming messages from mobile network providers regarding the charged amount.
The code of malware is designed in such a way that it automatically bypasses captcha systems used to safeguard the users by confirming that the action is being performed by a human. In captcha system, you need to put an alphanumeric string manually to gain access to the content past it.
Xafecopy has hit more than more than 4,800 users across 47 countries in past 30 days. Experts have also found that a lot of gangs involved in cyber crimes are sharing malicious codes among themselves.
To protect themselves from such malware attacks, users must keep their operating system up to date. Also, they must not download any content that looks suspicious. Apart from this, one should also have a mobile security suite installed on all the devices they use.
