January 15, 2010

Smartphones Targeted By Older Porn Scams

Hi-tech criminals are dusting off some old tricks as mobile phones become more sophisticated, according to a recent BBC report.

Security companies have noticed a surge in trojan viruses like dialers, which were used most often in the days of dial-up net access.

The dialers are being used on smartphones to call premium rate lines, leaving victims with a big bill.

Experts believe the dialers are becoming more popular as a quick way for criminals to cash in.

In the days of dial-up Internet, many dialers lurked on porn sites, and once they had a victim they disconnected the victim's modem and placed a long-distance call.

The economics of international calls meant that some of the cash spent on the call would be shared with the criminals. Some dialers would mute the speaker on the modem so victims would not notice when the overseas call was being placed.

Software firm CA's security wing said it is seeing a rise in dialers for smartphones. This time, however, the dialers are calling premium rate lines and landing victims with the bill.

Akhil Menon said on the CA security blog that it was seeing an "increasing trend of trojan dialers." Menon profiled one virus in particular, called Swapi.B, which sends premium SMS messages.

"The messages sent out are in the typical format to invoke premium services and land the mobile user with heavy mobile bills without the user's knowledge and consent," wrote Menon.

Many dialers are still contracted through porn sites, where they are disguised as software, video clips or helper programs.

Mikko Hypponen, head of research at F-Secure, told BBC News that he had seen a "handful" of dialers in recent months.

He said they were popular because they get around one of the big problems facing anyone wanting to make money out of Windows viruses.

"PC malware can't just directly steal money from your machine; it has to jump through hoops like keylogging your credit card number or sending spam," he said.

"However, mobile malware can just instantly steal from you by making premium-rate calls or messages," said Hypponen.

Some dialer creators were working to ensure that the premium rate service they set up to cash in was hard to shut down.

Hypponen said some dialers sent messages or rang many different numbers, including legitimate ones.

"The trojan can place calls to, say, 100 different premium-rate numbers, only one of which is his own number," said Hypponen.

"How would you fight this? Shut down all the numbers, including the innocent ones?"