Exposed: Bot Family Infecting Mobile Users On Two Continents

By: Evina
PARIS - Dec. 30, 2019 - PRLog -- French anti-fraud solutions provider Evina has unmasked malware on the GooglePlay app store that has been downloaded over 285 000 times by mobile users in 11 African and European countries.

The malware dubbed 'Venus' has been detected in eight apps so far and takes the form of a family of Trojan bots that have now made their way into Belgium, France, Germany, Guinea, Holland, Morocco, Poland, Portugal, Senegal, Spain and Tunisia.

Of the eight Venus malware apps that were discovered by Evina, only one has been removed from the PlayStore after being downloaded over 100 000 times. Evina's advice for mobile users is to avoid flashlight, scanner and wallpaper applications.

The purpose of the Venus malware that has been attacking users since October is to stimulate interaction with adverts and subscribe to premium services without the mobile user noticing. "The user's browser is invisible during the interaction which makes this latest global mobile fraud particularly effective," says Maxime Ingrao, Evina Security Analyst.

Evina helped penetrate the veil of secrecy around Venus by building a honeypot around a network of 3G SIM card proxies. It was soon noticed that data allowances were being rapidly consumed by certain apps.

Codes of the apps were analysed by Evina engineers who soon encountered protected as well as missing files which together create a suspicious combination. Embedded URLs and javascript commands redirect to premium services and to sites containing ads from where the fraudsters are remunerated.

Fortunately, even protections against reverse engineering were not enough to protect the fraudulent code from eventual discovery by Evina's mobile sleuths.

"This bot family are super smart as they never attack on the first day of installation and wait for the right time to launch more than one invisible browser,' Mr Ingrao adds.

Evina is a Paris-based scale-up that spent over a decade developing Evina DCBprotect, now the world's leading telecoms payment protection.

Anecdotal evidence suggests that fraudulent payments on mobile phones is on the rise. "By ensuring secure mobile payment, we are ensuring the long-term sustainability of mobile monetisation" says David Lotfi, Evina CEO.

Evina is helping secure mobile end-users while enabling business growth for Mobile Network Operators (MNOs) by protecting over six million transactions every day.

Evina's DCB technology is live in over 40 world markets where it specifically provides merchant and payment gateways with proprietary technology dedicated to preventing malicious apps from making payments.

Evina's mobile advertising solution furthermore blocks fraudsters attempting to create fake clicks and installs across the entire digital advertising value chain.

Diane Chartan
Location:Paris - Paris - France
Account Email Address Verified     Account Phone Number Verified     Disclaimer     Report Abuse
Ivan Booth PR PRs
Trending News
Most Viewed
Top Daily News

Like PRLog?
Click to Share