Russian Hackers Steal Money Via SMS
February 8, 2013

New SMS Attack In Russia Steals $20 Each Month

Michael Harper for — Your Universe Online

It´s a statement that should surprise no one: Russian Android users are being targeted by yet another malicious attack. According to AdaptiveMobile, malicious SMS Trojan attacks are affecting those Android fans in Russia who fall for the trap a young, lusty girl loves them and wants to share naked pictures of herself.

AdaptiveMobile has been tracking this scam as a part of their Ongoing Threat Analysis (OTA) and has found while these attacks first began in Russia, they´re now being carried out in other parts of the world as well. The cybercriminals behind this scam are likely earning themselves a tidy sum, taking roughly $20 USD a month from each victim.

Victims receive an SMS message on their mobile phones, claiming they have another MMS (or photo message) awaiting them. In one example, the SMS text read “You have an incoming MMS with text “Anastasia, I love you!”. To view: http:// [redacted].org/9560.htm.”

When users tap on the link in the SMS, they´re taken to a webpage which has been built to resemble their carrier´s website. Once here, the Trojan downloads a dirty app, which sends out more text messages to a premium rate service. These sent messages, about five in all, end up costing the victim more than $20, a charge that is tacked onto their monthly bill. According to Ciaran Bradley, the vice president of AdaptiveMobile, this particular attack has become very lucrative for the cybercriminals because users aren´t likely to notice charges as small as $20 on their monthly bills.

Though the attack does tack extra charges onto the user´s bill, they are shown two pictures of women standing on a beach. This attack can be directed at users on other types of mobile phones, though the Android attack has been programmed to delete incoming messages from the Premium SMS services confirming the charges.

In an email, Bradley confirmed these charges are being tacked on to victim´s monthly bills. When asked what roles the carriers are playing in these attacks, Bradley replied, “Carriers take fraud very seriously which is why we were asked to help because of our global view of mobile threats. We can´t go into specifics because of operational security but we are assisting the carriers involved in specifying new multi-layered systems to prevent these types of attacks in the future.”

Bradley also mentioned these kinds of attacks are flying both ways across the pond, from Europe to the U.S. and vice versa. As such, carriers would need to cross borders and work with one another to help bring this threat to an end.

“SMS is still the most popular form of communication amongst adults and is highly trusted, making it very attractive to spammers looking to abuse that confidence,” said Bradley in a statement.

“Whilst many operators already have measures in place to counter SMS spam, it is important that they are aware of these specific threats so that they ensure the correct action is taken.”

The names Android and Russia are often associated with cyber attacks and malware. Even so, as demonstrated by this attack, any mobile user with access to the mobile Internet is at risk. It bears repeating: Be wary of any link, particularly those that promise to show you a picture of anything, such as spiders underneath human skin, candid shots of yourself in the bathroom, or even lusty young Russian mistresses.