Researchers from Panda Security have discovered five malicious applications designed to lure infected device owners into paid mobile services. The worst part is that all the applications were uploaded to Google Play.
These applications seem to target Spanish-speaking users. Their names were because they have now been removed from Google Play: Peinados Fáciles, Dietas para Reducir el Abdomen, Rutinas Ejercicios para el Gym and Cupcakes Recetas.
They just infect one device, they wait for the victim to open WhatsApp. The malicious software it is designed to intercept victim's phone number from WhatsApp and to uses to subscribe to premium SMS subscription services.
At first sight, applications seem harmless. They even give advice on various topics to avoid any suspicion.
Her experts Panda Security report that each application has been downloaded from 50.000 and 100.000 times. This means that they are infected by 300.000 up to 1,2 millions of users.
"Η αλήθεια είναι ότι οι απατεώνες κερδίζουν τρελά ποσά από αυτές τις premium υπηρεσίες. Με μια συντηρητική εκτίμηση, ας πούμε, αν καταβάλλονται από 20 ευρώ από κάθε θύμα τους, αυτοί κερδίζουν ένα τεράστιο ποσό που αρχίζει από 6 έως και 24.000.000 ευρώ" αναφέρει ο Luis Corrons, Τεχνικός Διευθυντής της Panda Labs.