The CallJam malware achieved a high ranking through deception while raking in funds through premium-rate calls
Android malware has been uncovered lurking on the Google Play app store that poses as a game while making calls to premium-rate numbers in the background.
Google Play infected
The game remained on Google Play until the company was notified by Check Point, in spite of users pointing out its deceptive activities in comments such as: “It dialled a wrong international number. Continuously. Wtf.”
The malware, which posed as a game called ‘Gems Chest for Clash Royale’, had been removed from Google Play’s listings as of Monday, but Check Point said it had already been downloaded between 100,000 and 500,000 times since it was placed there in May.
Aside from the dialling agent, the malware also sends victims to malicious websites that display revenue-generating advertisements.
CallJam does not make use of any complex hacks to make its calls, simply asking the targeted user for permission to do so, Check Point noted.
“Most users grant permissions willingly, often without reading or fully understanding information about the permissions they are granting,” the firm said in an advisory.
The malware was able to gain a high user rating of four out of five by forcing users to rate it before they could begin playing.
“This is another reminder that attackers can develop high-reputation apps and distribute them on official app stores, putting devices and sensitive data at risk,” Check Point said.