Symantec has reported that there was an increase in number of one-click fraud apps at Google Play for the month of August. There are already 2,500 such apps reported this year with 1,000 of these published in the month of August alone. The statistics of Google Play show that these apps were downloaded 8,500 times however this figure is probably north of 10,000.
Google Play has a security system in place to check for these kinds of fraudulent apps but some apps slip in the market and become available for anyone to download. Publishers of these types of apps use various methods to prolong the availability of the apps at Google Play before the system takes it down.
One-click fraud apps usually work by first letting the user install the app on an Android device. The user is then presented with several links related to online adult sites. Included in the links are one or two links that leads a person to a video that can’t be played on the device unless the user pays a fee which usually ranges up to $1,000.
By combining a few malicious links with valid links these types of apps can usually evade detection from security checks. The scammers that make these apps can also take down the malicious links immediately in case an investigation starts.
One-click fraud apps don’t usually last long at Google Play and normally only live not more than a day. There are some however that remain for several days. For a good scammer a day is only what they need to trick people into giving up their money.
Details of this malicious app as detected by Symantec are as follows
- Name: Android.Oneclickfraud
- Risk Level 1: Very Low
- Discovered: January 11, 2012
- Updated: March 23, 2012 12:25:05 PM
- Type: Trojan
- Infection Length: Varies
- Systems Affected: Android
- Android.Oneclickfraud is a Trojan horse for Android devices that attempts to coerce a user into paying for a pornographic service.