Today a new malware Xafecopy Trojan has been detected in India, which steals money through victims’ mobile phones.This fact was stated only after testing done by the cyber security firm Kaspersky.
Xafecopy Trojan, malware is disguised as useful apps like Battery Master , and operates normally. This trojan secretly loads malicious code onto the device, be it a cellphone or a personal computer.
Once the app is activated, the Xafecopy malware clicks on web pages with Wireless Application Protocol (WAP) billing – a form of mobile payment that charges costs directly to the user’s mobile phone bill. After this, the malware silently subscribes the phone to a number of services.
Shockingly the process does not require user to register a debit or credit card or set up a username and password.
The malware uses technology to bypass ‘captcha‘ systems designed to protect users by confirming the action is being performed by a human. In the captcha system, websites show a set of some letter or numbers which are required to be manually filled by the user.
Xafecopy is said to hit more than 4,800 users in 47 countries within a time span of a month, with 37.5 per cent of the attacks detected and blocked by Kaspersky Lab products targeting India.
Kaspersky labs have been successful in detecting many malwares and even blocking them.
On detecting this evil malware, Kaspersky Lab, Managing Director- South Asia, Altaf Halde said that Android users need to be extremely cautious in how they download apps.
“It is best not to trust third-party apps, and whatever apps users do download should be scanned locally with the Verify Apps utility. But beyond that, Android users should be running a mobile security suite on their devices.”