Scammers have hidden a nasty surprise for users who downloaded doctored copies of a Windows Mobile game. Hackers adapted a demo version of 3D Anti-Terrorist Action to include a Trojan that makes premium-rate calls costing around US$6 a minute on the sly. Doctored copies of the Counter-Strike-alike game are designed to call …
Malware turned out to be
... the best anti-piracy solution created.
It's not like this is new.
Dodgy copies of things have always been a vector for malware, right back to ye olde floppy disks and tape drives. I think you could say "stupid prices and ridiculous DRM turned out to be the best malware-distribution solution created" and still be accurate. That's a far too inconvenient truth, though.
What I'm annoyed at is that the jump from dial-up to broadband put paid to rogue dialler software. Now we have mobile computers with phones attached to them, the old attacks are coming back. Seriously, how hard would it be to put a warning hook in the operating system? "This software is trying to dial a premium rate number. This could cost you an arm, leg and possibly a few teeth. Do you want to continue? (y|n)"
Catching the crooks
Surely there is a nice paper trail to follow to catch and jail the crooks who pull these stunts?
Steady on old chap...
... I mean, selling Windows phones to people who were expecting a half-decent mobile device may be extremely unethical, but I don't think it's a jailable offence yet.
I never understood how the telcom providers are still allowed to charge
If you call a premium rate number in this country (UK) the premium content provider has to verify that person calling is of age, i.e. they have to speak and understand charges.
The answer is clear telecom companies should at a minimum allow disabling of intercountry premium rate services, ending this type of scam.
Whilst the telecom company is still making money they will continue to do nothing, even when they are complicit in this type of crime.
This gives an idea
You know, it's a shame nobody's come up with a way of validating apps before they can be run on a mobile phone - perhaps limiting access to them through one central "store" perhaps. That way the user could feel safe in the knowledge that those apps aren't going to do anything bad like this, and legitimate developers wouldn't have their good name tarnished by rogue apps like these.
Just a thought.
Reality is tougher
>> safe in the illusion that those apps aren't going to do anything bad like this until they actually do but at least the company running the store can make lots of dough off the "club of the nice, wholesome apps" boy scout badge.
You're aware of an app distributed via a locked down appstore that has contained malware?
You mean like this....
Oooh, there's the fanboi, got in early on this one...
I would trade the security of the iTunes namby pamby we don't like boobies store for the freedom to be able to run whatever the hell I want on my 'phone thanks...
Pick the one that you like the most....
They that can give up essential liberty to purchase a little temporary safety, deserve neither liberty nor safety.
They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.
Those Who Sacrifice Liberty For Security Deserve Neither.
He who would trade liberty for some temporary security, deserves neither liberty nor security.
He who sacrifices freedom for security deserves neither.
People willing to trade their freedom for temporary security deserve neither and will lose both.
If we restrict liberty to attain security we will lose them both.
Any society that would give up a little liberty to gain a little security will deserve neither and lose both.
He who gives up freedom for safety deserves neither.
Those who would trade in their freedom for their protection deserve neither.
Those who give up their liberty for more security neither deserve liberty nor security.
been done before...
bad news. That concept has been implemented for a while now - almost 10 years commercially actaully.....
Also been copied to death by the likes of apple. (google BREW, GIN/Get It Now).
Those that repeat a senseless mantra over and over without justifying it, look stupid. And a little paranoid if you don't mind me saying.
The truth is that in any and every civillised society we *do* sacrifice some liberty and *do* gain some security from that - it's called having government, and police, and a judicial system. Maybe you're not keen on them, but I think most people are probably generally in support of those concepts.
From where I'm sitting, those that give up their "liberty" by having an iPhone are perfectly secure, while those that insist on their "liberty" by jailbreaking their iPhones are less secure, and have been known to fall foul of malware. I don't really care who deserves what by your definition, I can only go by what I see
Somebody asked for proof that this thing can happen on the app store - I provided the link and got down-voted. Guess they don't like the truth then.
The fact that fanbois will even down-vote links to Reg articles that show a flaw in the app store (rather than just anti-fanboi opinion) is scary. God help us if Jobs or any of his fanboi proles ever got cosy with Mr Conroy and implemented an internet filter - half the web would be blocked.
You posted "proof" that Admob allowed some dodgy advertising through and that clicking on said advert could cost you money - the thing is, that's not malware, it's advertising. Advertising that could be inserted at anytime into any advert-supported app, regardless of the platform or appstore/vetting process (if any). Advertising that was in contravention of Admob's own rules, but was still not going to cost anyone anything if they didn't click on it.
You've proved that iAds might actualy be a great idea, but you haven't come up with any proof of malware being distributed by an appstore.
Those that don't get the reason for repeating a mantra in lots of different paraphrased forms look even more stupid, it's about choice. Not that a fanboi would understand choice of course...
Security is all well and good but pretty soon you end up with a bunch of control freaks trying to impose their moral values on everyone.
someone correct me
Was there not a legal challenge by someone who had been victim of a similar scam involving premium rate phone numbers, only with a BT line, that was refusing to pay the bill on the grounds that under current UK legislation it would be illegal for him to pay it? Something about 'rewarding a criminal act' or something?
It was some years ago and the last I recall hearing was that he was waiting for BT to take him to court, although IIRC i think in the end BT decided not to, he seemed to have a valid arrangement and it would also seem to apply equally here.
Anyone remember more details or have I got it totally wrong/
"...premium-rate phone numbers in the Antarctic..."
Seriously?!? Is there much demand on the continent for penguin-based sexy chat?
re:Brrrrrrr → #
Well, it's freezing in the Antartic. Anything to warm one up..
Paris? Do i really need to explain?
The US have got a base on the Antarctic, have they not? I'm sure it was on Michael Palin's Pole To Pole series. Well, bearing that in mind there must be some US GIs looking for a bit of non-flying ornithological romance....
On a related topic, I tried to have sex with a penguin... but I couldn't get the wrapper off!!!!
Mine's the one with the fur.. on the inside.
Quite clearly it must be a "snowman fetish" line.
Mines the one with the coal and the carrot in the pocket.
up with the times...
This is old news,,, come on Register,, keep up!!
maybe the same company who doesn't actually switch off the radio antenna when you switch off the phone so that push-mail can still be delivered and you get charged thousands of £/$/€ in case you decided to travel abroad with your phone and be subjected to the enormous roaming rates??
I realise you're desperate to draw some kind of parallel, but if you read to the end of that blog post from *2007* -
"UPDATE: Apple has since added the ability to switch off "Data Roaming" for International travelers. See Settings -> General -> Network -> Data Roaming."
So basically we're talking about a missing feature that (a) has nothing whatever to do with appstores or third party apps, and (b) got fixed within months of the phone's release three years ago. Call the feds!
When I worked for a voip company we blocked certain country codes( these were counties that allowed any number that the owned to be used as premium numbers) and all premium rate numbers as we found very few of our customers need that kind of access it solved alot of problems. Also here in the US the phone company is just acting as billing agent for the company charing on the numbers. You can not have your phone turned off for not paying for premium rate numbers . The phone companies have even been know to remove that portion from your bill(provided you have no history of calling premium rate numbers ).
...stealth dialing is a felony.
One of my customers was being charged $600 or so for a pr0n visit by her grandson.
I told her to advise QWORST that any attempts at collecting this fee would make them an accessory to the stealth dialer felony.
The demise of stealth dialers is generally attributed to the rise of broadband (our customer base went from 1000+ to about 45 today,) but the inability to collect money from the evil deed was the major contributer.
Reading Martin's post gives me the impression that similar laws exist in other parts of the world.
unfortunately Martin47 is referring to the US law
I have been hoping for similar in the UK but as BT has a large say in any law that regulates them they still get to profit from crime.
There are controls on local premium rate service providers but BT say they have no control over international comms. This means that all the autodialler and confidence scams operate from outside the UK.
A bunch of criminals in Florida was running a number a few years ago and BT stated they have no way of limiting access (LIE) even though they knew who was doing it and had received hundreds of complaints.
The best we have inthe UK is to waste the time of the calling agent however once they know your number they will sell it on to other organisations, so are making out of us anyway.
As you can see from the likes of the PHORM debarcle BT are a law unto themselves with the state providing little protection for their customers. OLD BOY network avatar required but pirate is close enough