New Android Malware Called SMSFactory Is Increasing Users’ Phone Bill By Subscribing To Premium Services

A new malware targeting Android users appears to be on the rise and security researchers are signaling the alarm.

The malware that goes by the name SMSFactory is reportedly increasing phone bills by adding premium service subscriptions without victims even noticing. Yes, that’s how sneakily it’s carrying out its tasks, leaving so many people with unwanted expenses.

For now, it’s not being made clear by researchers as to how many different people have been affected by the ordeal but there are confirmed cases of tens of thousands of attempts being made.

And it’s an interesting point to note how the system’s security is also not being able to detect it, citing huge problems for users hailing from various nations around the globe.

Researchers have gone ahead and outlined how the malware has various distribution channels including those related to push alerts, promotional marketing strategies that show up on websites, and malvertising. There are also a series of videos that promise different ways to hack into games while others give foolproof access to different adult content websites as well.

Meanwhile, Avast is coming ahead with its own series of researchers and reports. It claims that the SMSFactory malware was able to target nearly 165,000 customers with Android devices in the past year.

The report by Avast also highlighted how nations commonly affected the most included Turkey, Russia, Ukraine, and Brazil.

Another interesting finding that researchers at Avast noticed as a part of their study was how the malware’s primary objective was to release premium text messages and make phone calls to various numbers enlisted for premium users.

However, there were several other variants of SMSFactory that were able to steal away entire contact lists on a series of compromised devices. These would further be used for distribution methods whenever there was a lingering threat.


Other than that, another leading researcher at Avast noticed that this particular malware is also being hosted across various app stores that have failed to obtain statuses that prove they’re legit or official. Yet, plenty of users trust them for their needs and continue to download from them, becoming vulnerable to the rising threat that it possesses.

Examples of these app repositories seen on Android include APKMods as well as PaidAPKFree. They are yet to contain appropriate security protocols for the products being listed inside the store.

Users must be aware that the malware can appear under the heading of various types. Moreover, whenever you’re in the middle of installing it, you do receive a warning from Google Play which is the device’s security system that alerts people about how much they’re at risk from any particular file being downloaded.

Other than that, the malware will request access to your phone’s SMS, contacts, location, the ability to send out calls, display settings, monitoring alerts, and some start activities too.

And as you probably know by now, these are all some notable findings of malware activity that careless users tend to overlook and click yes without giving it a review.

Once that is on its way to installation, the app is able to show victims a false screen related to how the app just isn’t working or perhaps is not available for use.

It may have no assigned labels or icons and that makes it even harder to eliminate from the system. People just wrongly assume that nothing is wrong and don’t give the matter a second thought. Little do they know that the app is actually functioning in the background and fulfilling a connection that few people know about.

There’s a disguised link between the control and command of the device. If operators feel the device is of great use to them, they’ll usually end up sending instructions while making subscriptions for premium services.

And just in case that wasn’t enough, the latest variant can also go as far as adding various admin accounts across your phone. This is most likely needed for distributing messages over the user’s list of contacts.

If you wish to stay safe, it’s always recommended that apps are downloaded via trusted sources. And in general, it’s good to have a minimum number of apps. You can always read out reviews to be double sure before installing the app too.

Lastly, make sure your system is updated and do run scans for foolproof protection.

Read next: Stress Is Forcing More Than 45% of Cybersecurity Workers To Quit The Tech Industry
Previous Post Next Post