Has it ever happened that you suddenly find yourself being charged for a subscription you didn’t agree to be a part of? If this is the case, you have likely been subjected to one of the most recent variants of the toll fraud malware.
Microsoft has recently published an official announcement that describes what’s going on with the malware in extensive detail. Essentially, the malware exploits the system’s weaknesses and makes a paid subscription on behalf of the victim without the victim’s consent. This puts them at risk of financial loss.
This report indicates that the malicious software uses the Wireless Application Protocol (WAP), commonly used by cellular networks, to spread itself across the web.
Because the malware has been designed to work through the phone’s mobile network provider, it may be technically possible for Wi-Fi users to be protected from this exploit.
Still, this poses a dilemma for the unwitting victim. The scheme will engage whenever the device is forced to connect to the network via the phone’s service provider.
Compounding the malicious program’s cunningness is its ability to intercept OTP and even hide the notification from the user. This nullifies any suspicion that the device in use is compromised.
