Exposed: Bot Family Infecting Mobile Users On Two Continents
The malware dubbed 'Venus' has been detected in eight apps so far and takes the form of a family of Trojan bots that have now made their way into Belgium, France, Germany, Guinea, Holland, Morocco, Poland, Portugal, Senegal, Spain and Tunisia.
Of the eight Venus malware apps that were discovered by Evina, only one has been removed from the PlayStore after being downloaded over 100 000 times. Evina's advice for mobile users is to avoid flashlight, scanner and wallpaper applications.
The purpose of the Venus malware that has been attacking users since October is to stimulate interaction with adverts and subscribe to premium services without the mobile user noticing. "The user's browser is invisible during the interaction which makes this latest global mobile fraud particularly effective," says Maxime Ingrao, Evina Security Analyst.
Evina helped penetrate the veil of secrecy around Venus by building a honeypot around a network of 3G SIM card proxies. It was soon noticed that data allowances were being rapidly consumed by certain apps.
Fortunately, even protections against reverse engineering were not enough to protect the fraudulent code from eventual discovery by Evina's mobile sleuths.
"This bot family are super smart as they never attack on the first day of installation and wait for the right time to launch more than one invisible browser,' Mr Ingrao adds.
Evina is a Paris-based scale-up that spent over a decade developing Evina DCBprotect, now the world's leading telecoms payment protection.
Anecdotal evidence suggests that fraudulent payments on mobile phones is on the rise. "By ensuring secure mobile payment, we are ensuring the long-term sustainability of mobile monetisation"
Evina is helping secure mobile end-users while enabling business growth for Mobile Network Operators (MNOs) by protecting over six million transactions every day.
Evina's DCB technology is live in over 40 world markets where it specifically provides merchant and payment gateways with proprietary technology dedicated to preventing malicious apps from making payments.
Evina's mobile advertising solution furthermore blocks fraudsters attempting to create fake clicks and installs across the entire digital advertising value chain.