Security firms have stated many times that malware designed for mobile devices is far less profitable for cybercriminals than the one that’s designed for desktop computers. However, recent investigations have showed that mobile malware is becoming more and more profitable.
ESET experts have discovered
a considerable increase in the number of pay-per-install campaigns that threaten Android owners. A Russian forum has revealed that such schemes are freely advertised, urging others to join the party
and start spreading malware.
According to the website, those who take part in such pay-per-install programs can earn as much as $5 (4 EUR) for each device they infect with a piece of malware, usually an SMS Trojan.
The amount is much higher than Windows malware can earn, but, then again, malicious elements designed to target Windows devices are somewhat easier to spread.
So how do these schemes work?
First, the cybercriminals create a piece of malware and masquerade it as a legitimate application on an alternative app market. After users download and install it, the app starts sending out SMS messages to premium rate numbers, inflating the victim’s bill and implicitly filling the crook’s pockets.
Researchers have uncovered a number of 30 different domain names tied to a single operation. These domains have been reportedly utilized to spread hundreds of malicious files.
300 unique URLs have been used to distribute 33 unique pieces of malware, most of them sending SMSs to numbers such as 6666, 9999, or 7375.
While pay-per-install campaigns are not new, this scenario further highlights the fact that as mobile platforms attract more customers, malware creators and those in charge of their distribution will shift their attention to this sector.
Users can protect themselves against such threats by downloading applications only from trusted sources and by ensuring that a security solution is installed on their devices.