We use cookies to ensure that our site works correctly and provides you with the best experience. If you continue using our site without changing your browser settings, we'll assume that you agree to our use of cookies. Find out more about the cookies we use and how to manage them by reading our cookies policy. Hide

Regulator cuts off worldwide mobile malware attack in the UK

24 May 2012

A malware attack targeted at 18 countries that cost unsuspecting users £15 every time they tried to open a ‘free’ app has been cut off by PhonepayPlus, the UK’s premium rate telephone services regulator. Sanctions imposed by the regulator’s Tribunal will see all money returned to UK consumers on top of a £50,000 fine imposed on the provider of the premium rate shortcodes that enabled the apps to fraudulently charge smartphone users.

Fake apps of popular brands including Angry Birds, Assassins Creed and Cut the Rope were posted to Android app stores. These fake apps were advertised as free but contained malicious coding (malware) that charged the phone’s account £15 every time the app was opened (usually charged through three £5 premium rate texts). The malware suppressed the sent and received text messages that notify users they have been charged. It was only when consumers received their bill that they were alerted to the fraudulent charges.

This malware attack was dubbed RuFraud by security experts and approximately 14,000 downloads of the malicious apps were made worldwide. The RuFraud attack affected 1,391 mobile numbers in the UK and £27,850 was taken before the shortcode was suspended. Due to PhonepayPlus’ and industry’s swift action in identifying the malware, ensuring that the shortcode was suspended and that the money was held and not passed on to the fraudulent app developers, none of this £27,850 of UK consumers’ money reached the fraudsters.

PhonepayPlus investigated and took action against the provider, A1 Agregator Limited, who had control of, and responsibility for, the premium rate payment system which enabled the malware to fraudulently charge consumers’ mobile phone accounts. A1 Agregator Limited was issued a fine of £50,000, ordered to make refunds directly to ALL consumers within three months, whether or not they had complained and directed to seek prior permission for a year from PhonepayPlus to run any premium rate service in the UK. 

Patrick Guthrie, PhonepayPlus’ Director of Strategy and Communications said:

“We will continue to clamp down on those who wish to take advantage of UK smartphone customers. We are very pleased that the tribunal ordered that everyone affected will get their money back and that a strong fine was imposed. The digital economy is vital to the UK’s future and we will continue to take action to maintain the confidence of the public.”

PhonepayPlus recently held the first UK mobile malware summit and works closely with the police, mobile networks and antivirus companies to combat the threat to UK consumers from premium rate malware.