The Google Play Store recently removed several malware-laden apps that were part of a large-scale SMS scam. This is reported by Jakub Vavra, an employee of antivirus company Avast, who discovered the fraud.
The SMS campaign is believed to be the work of one person or group. It consists of at least 151 apps that were all available for download at one point in the Google Play Store. The apps have collectively been downloaded more than 10.5 million times in more than 80 countries.
Scam still going on
Avast traced the first cases of the fraud campaign, which Vavra has renamed “UltimaSMS”, back to May 2021. Cases have also been reported from earlier this month, meaning the scam is still going on.
The apps have since been removed from the Play Store, but can still be downloaded elsewhere on the web. According to Vavra, UltimaSMS was promoted on popular social media platforms, such as Facebook, Instagram and TikTok. This was also the case with other recent adware scams and cases, according to Vavra.
Expensive SMS services
The apps in question are disguised as QR code scanners, keyboards, video and photo editors, camera filters, games, and spam call blockers, among other things.
When a user installs one of the apps, the app checks the user’s location, as well as the mobile phone identification code and phone number. Based on this data, the app determines which country code and language it should use for the fraud.
As soon as the user opens the app, a telephone number and possibly an e-mail address must be entered. The app cannot be used until the user provides this information.
After entering the data, the user is subscribed to premium SMS services that can charge up to $40 per month. This seems to depend on the maximum amount that can be charged via SMS in the user’s country of origin.
The apps do not provide the promised functionality after entering the data. Instead, they show options for more SMS services or stop working altogether. If users suspend and delete the apps, the SMS charges will continue.
Tips to avoid scams
Jakub Vavra offers tips for avoiding UltimaSMS and other scams. He advises people to stay vigilant and carefully read reviews before downloading an app. He also advises not entering a phone number unless you trust the app, and reading the fine print before entering information.
In addition, Vavra gives tips to disable the premium SMS option with your provider, and only download apps from official app stores. Although the UltimaSMS apps were available in the Google Play Store, they have since been removed. However, they remain downloadable from other app stores on the internet.
Malware in hypes
Recently, Google discovered malware in an app disguised as a Squid Game wallpaper app. It is more common for scammers to exploit hype to spread malware. This was also the case with the Game of Thrones series and even the corona crisis.
Catch up on more articles here
Follow us on Twitter here