Huge subscription fraud campaign hits over 100 million Android users

Scammers made away with “hundreds of millions”

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

A widespread Android subscription fraud campaign has been discovered actively stealing from users money.

Uncovered by cybersecurity researchers from Zimperium zLabs, the “Dark Herring” campaign consists of some 470 apps, all found in the officialGoogle Play Store.

Theapps, most of which fall in the entertainment category, have all offered “premium” services for registered users. Those that would register an account, would be billed up to $15, through Direct Carrier Billing (DCB).

No malware present

DCB is a mobile payment method, allowing consumers to pay for things they buy online, via the bill for their phone plan. This means users that installed these apps would not know they’d been charged for anything, until the phone bill arrives in the mail.

Furthermore, as these apps can still be used, and many people don’t check the details of their phone bills, in some instances, the charging went on for months, the researchers hint.

As these apps don’t necessarily carrymalwarewith them, the fraud was relatively difficult to detect. In some cases, it was said, the victims took months before noticing that they had been fraudulently charged on their account.

In total, these apps were downloaded on 105 million devices, located in 70 countries around the world. All of this, researchers say, make Dark Herring the longest-running mobile SMS scam discovered.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

This new version of Android 12 will make cheap phones run much faster

The best Android apps of 2022

Windows 11 update will introduce support for Android apps

Here are some of the apps used in the campaign:

Researchers from Zimperium believe the operators made away with “hundreds of millions” of dollars, so far.

While Google has since removed all of the apps from the Play Store (the full list can be foundhere) many can still be downloaded from third-party repositories online.

Via:BleepingComputer

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Phishing attacks surge in 2024 as cybercriminals adopt AI tools and multi-channel tactics

This new phishing strategy utilizes GitHub comments to distribute malware

Smeg Combi Steam Oven review: a multi-functional countertop oven that looks stunning and cooks well