A new malware Xafecopy Trojan has been detected in India, which steals money through victims’ mobile phones, cyber security firm Kaspersky said in a report. Around 40 percent of the malware targets have been detected in India. “Kaspersky Lab experts have uncovered a mobile malware targeting the WAP billing payment method, stealing money through victims’ mobile accounts without their knowledge,” the report said.
Xafecopy Trojan is a malware software of Ubsod family targeting the Android Operating System, identified first in September 2017 by cybersecurity and antivirus provider Kaspersky targeting significantly on India based android devices. According to reports, Xafecopy infected at least 4,800 users in just a month around 47 countries with over 37.5 per cent damage identified by Kaspersky Lab products targeting India, followed by attacks on devices in Russia, Turkey and Mexico.
Xafecopy Trojan is disguised as useful apps like BatteryMaster, and operates normally. The trojan secretly loads malicious code onto the device. Once the app is activated, the Xafecopy malware clicks on web pages with Wireless Application Protocol (WAP) billing – a form of mobile payment that charges costs directly to the user’s mobile phone bill.
The malware uses technology to bypass 'captcha' systems designed to protect users by confirming the action is being performed by a human. In the captcha system, websites show a set of some letter or numbers which are required to be manually filled by the user.
Experts at Kaspersky Lab have found traces showing that cyber criminals gang promulgating other trojans are sharing malware code among themselves.
Android users need to be extremely cautious in how they download apps.
It is best not to trust third-party apps, and whatever apps users download should be scanned locally with the Verify Apps utility. But beyond that, Android users should be running a mobile security suite on their devices.