Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Malware & Threats

Android Apps from Google Play Used in One-Click Fraud Operation

Researchers at Symantec discovered hundreds of Android applications on Google Play being used as part of fraud scheme targeting Japanese users.

Researchers at Symantec discovered hundreds of Android applications on Google Play being used as part of fraud scheme targeting Japanese users.

The offending apps have since been taken off the Google Play marketplace, according to Symantec Security Response Manager Satnam Narang, who added that the developers’ accounts have been suspended by Google. The apps – more than 200 in all – are believed to have been part of a one-click fraud scam that may have victimized thousands.

One-click fraud refers to a scam that attempts to lure users interested in adult-related video to a site that attempts to trick them into registering for a paid service,” blogged Joji Hamada, security researcher with Symantec. “For many years, it has been common to see this type of fraud on computers. As smartphone usage has increased, so has the number of these types of scams on smartphone devices.”

Typically, people come across these scam sites when searching for items they are interested in or clicking on links in spam messages, he continued. Symantec researchers spotted the scheme making its way to Google Android devices roughly a year ago.

In this case, entering Japanese words related to pornographic video resulted in one of the apps being at the top of the search results. The apps normally only required the user to accept the “Network communication” permission, though some variants did not require the user to accept any permissions.

“This is because the app is simply used as a vehicle to lure users to the scam by opening fraudulent porn sites,” Hamada noted. “The app itself has no other functionality. This may fool users into feeling safe about the app and catch them off guard when launching the app.”

The ruse apparently worked on some. According to Symantec, more than 200 of the fraudulent applications were published and were downloaded at least 5,000 times during the past two months.

“As far as victims go, we are not aware of how many of these users actually paid money to the scammers; the “service” costs about 99,000 yen (approximately US$1,000),” according to Hamada. “It certainly must be worth the time and effort for the scammers as they have continued doing business for over two months.”

Advertisement. Scroll to continue reading.
Written By

Marketing professional with a background in journalism and a focus on IT security.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Discover strategies for vendor selection, integration to minimize redundancies, and maximizing ROI from your cybersecurity investments. Gain actionable insights to ensure your stack is ready for tomorrow’s challenges.

Register

Dive into critical topics such as incident response, threat intelligence, and attack surface management. Learn how to align cyber resilience plans with business objectives to reduce potential impacts and secure your organization in an ever-evolving threat landscape.

Register

People on the Move

Software giant Atlassian has named David Cross as its new CISO.

Dan Pagel has been named the new CEO of risk management and remediation firm Brinqa.

The City of Phoenix has promoted Mitch Kohlbecker to the role of Chief Information Security Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.