A recently discovered fraudulent adult video website attempts to trick users into installing an app as part of a scam. When a user proceeds to view an adult video and clicks on the play button, a download of a certain 'player.apk' will begin.
 |
| 'player.apk' is ready to be installed |
The app's list of permissions does not seem to be malicious at all because it is not only short but only includes privacy permissions.
 |
| list of app permissions |
After installing and launching the app, a member's page showing a selection of adult videos will be displayed onscreen. After a while, the app will then display details about a subscription that the user has apparently subscribed to and now must pay for.
 |
| subscription details displayed by the app |
What's unique about this Android.Oneclickfraud variant?
Instead of asking for the usual bank transfer payment, this variant asks for the user's card details as a form of payment.
 |
| payment options that the malware presents |
The user is offered two subscription fees. The user is given a chance to pay 99,000 Japanese Yen within 3 days. However, payment exceeding 3 days would lead the fee's price to increase to 300,000 Japanese Yen. This is to make the user panic and pay as quickly as they can.
This malware has been suspected to have begun last May and had been downloaded over 500 times at the time.
Article Ref: http://www.symantec.com/connect/blogs/japanese-one-click-fraudsters-give-old-trick-second-chance
No comments:
Post a Comment