Having uncovered the Android dialler malware last week, mobile security specialist Lookout is warning of a new threat involving a tangled web of spam, foreign banks and bulk messaging.
The threat surrounds a bulk SMS network called Bazuc, which offers Android users a payout if they allow the network to access their unused SMS message allowance. The app has been downloaded up to 50,000 times from the Play Store, but the author claims up to 100 downloads an hour, so it’s evidently on third-party stores too.
The idea of getting cash for your unused texts may seem attractive. But once you're signed up to Bazuc it can be used to send virtually untraceable messages that look like they came from your phone -- because they did come from your phone. These can be used to bypass spam detection and anti-fraud systems and of course Bazuc's authors are charging companies to send messages via your phone at around four times the rate they're paying you.
Lookout's analysis of the network's users threw up bulk advertisers, phishermen, and African and American banks. A breakdown of the messages sent via Bazuc shows 40 percent service and transaction alerts, 30 percent PIN code and password messages, 18 percent registration messages and invites, 8 percent spam, 2.5 percent suspected phishing and only 1.5 percent messages from actual humans. All of the messages were aimed at US subscribers but originated in countries including Nigeria, Russia, Poland and Mexico.
A major problem is that the messages sent are open for the owner of the relay to see. This means that legitimate banks and other organizations using this service to send PINs and passwords are putting their customers at risk of ID fraud.
Whilst Bazuc isn't actually malware, it does exploit a loophole in the mobile world. Those who install it risk their phone number and personal information being shared. The companies that use the service to send messages risk their communication falling into the wrong hands.
Ultimately it's the phone users that are likely to suffer. Bazuc isn't breaking any rules but the people who download it are almost certainly in breach of their contract terms of service. It's these users that will suffer when cellphone operators start to shut down accounts or charge higher rates for these bulk messages.
It could be worse than that, though. As Lookout points out on its blog, "...we can’t discount the possibility that this network could be used to send illegal messages, and in this case the owner of the phone is likely to find themselves in hot water with the authorities".
This is a complicated scam; you can read more detail, including information about the people behind it and how much money it’s making them, on Lookout's blog. In the meantime, the advice is that if something looks too good to be true, it probably is.