Google’s popular Android operating system appears to still be the mobile operating system of choice for fraudsters and malware authors: Google has just pulled dozens of apps from the Android Market because they trick European users into paying premium SMS charges. According to the mobile security firm Lookout, Google has removed 22 apps from the market for essentially being wrappers around a new RuFraud threat; Lookout says they’ve since found and reported an additional five apps bearing RuFraud to Google.
Some of the apps offer horoscopes or claim to be wallpaper apps for popular movies (including the Twilight series), while others purport to be downloaders for well-known games (like Angry Birds, Assassin’s Creed, Tetris, and Cut the Rope) or software that’s available for free from legitimate sources (like Opera Mobile). The apps present an initial screen where the only option for users is to continue; that is taken as consent to the apps’ terms of service. Buried deep in the TOS behind a number of obfuscating links are agreements to pay premium charges.
North American users would not have been impacted by the apps because the premium shot codes used by the apps are gated by country; however, users in a number of western and eastern European countries would have been susceptible to the apps.
Lookout reports some of the apps were removed very quickly with minimal exposure to Android Market users, but estimates some of the apps may have reached more than 14,000 people.
Lookout’s alert follows closely on a report from Juniper Networks that found a 472 percent increase in the incidence of Android malware since July 2011.