Forgot your password?
typodupeerror
Crime Software Worms Games

Mobile Game Trojan Calls the South Pole 195

Posted by kdawson
from the if-a-penguin-answers dept.
UgLyPuNk writes with an excerpt from Gamepron.com: "Freeware games can actually cost you more money than their pay-to-play cousins, as mobile gamers in the UK have learned. A 'booby-trapped' version of a popular Windows Mobile game has been sneakily spending their money while they sleep – by dialing phone numbers in the Antarctic behind their backs."
This discussion has been archived. No new comments can be posted.

Mobile Game Trojan Calls the South Pole

Comments Filter:
  • yikes (Score:5, Funny)

    by iwannasexwithyourmom (1804754) on Tuesday June 01, 2010 @01:46AM (#32415018)
    aw man, that's pretty cold.
  • by Arvisp (1626837) on Tuesday June 01, 2010 @01:48AM (#32415026)
    and what did they say ?
  • by zooblethorpe (686757) on Tuesday June 01, 2010 @01:52AM (#32415056)

    I always thought Microsoft made a bit of a branding error when it came to naming their mobile OS. "WinCE" just invites all kinds of negative associations, and stories like this one just add to the painful image.

    Cheers,

  • by _Sprocket_ (42527) on Tuesday June 01, 2010 @01:52AM (#32415058)

    ....how about a nice game of Ice Station Zebra?

  • by Lord Artemis (1141381) on Tuesday June 01, 2010 @02:05AM (#32415126)
    ...how they even *found* numbers in the Antarctic. It's not like you can set up a phone line down there, and I can't imagine many people would have occasion to call the Antarctic.
    • by DarthBart (640519)

      There's enough phone numbers down there it has its country code for mobiles, and that's supposedly what this malware does. It dials +88234 numbers. It probably just wardials numbers in certain blocks.

      I don't know how UK mobile providers do it, but I had to call my cell provider (Sprint) to enable international dialing before I could dial past +1.

      Still it is a hell of a lot cheaper than wardialing +870 (Inmarsat) numbers. Last I heard, those were going for 10Euro/min on the wholesale market.

      • by DarthBart (640519)

        I stand corrected. 88234 is not just for mobiles in Antarctica. It is a country code assigned "Global Networks Switzerland".

      • Re: (Score:3, Insightful)

        by MichaelSmith (789609)

        I don't know how UK mobile providers do it, but I had to call my cell provider (Sprint) to enable international dialing before I could dial past +1.

        My bet is that this is a US specific thing. Certainly in Australia new SIM cards can by default dial any number on Earth (and for all I know, some not on Earth). International roaming OTH is not always enabled by default and I have been bitten by this a few times.

    • by JWSmythe (446288) <jwsmytheNO@SPAMjwsmythe.com> on Tuesday June 01, 2010 @02:33AM (#32415318) Homepage Journal

          You know, I was curious about this too. I found this page [countrycode.org] which shows there to be no phones (land lines nor cell) in the Antarctic. Wikipedia has a reference to calls being relayed over HAM radio only. They also mention that Scott Base does have a satellite relay for telephone calls [wikipedia.org]. It seems they do have a country code assigned (672), so I'd suspect that someone got a number assigned, regardless of the fact that they aren't really there.

          What I don't exactly see is how they're profiting off the number. I know some long distance calls act as premium rate numbers (like dialing a 900 number in the US), where a profit can be had from the initial connection and the minutes on the maintained connection. It should be a simple matter to follow the money back to the source of the problem, and prosecute them accordingly. It's becoming rare that pranks like this are done just as pranks. There's usually a financial interest in it.

      • What I don't exactly see is how they're profiting off the number

        Probably doing it for the lulz.

      • by DarthBart (640519) on Tuesday June 01, 2010 @02:48AM (#32415420)

        +672 is not just for Antarctica, though. It is shared with Norfolk Island (a sort-of part of the commonwealth of Australia).

      • by stonertom (831884) <stonertom@gmail.com> on Tuesday June 01, 2010 @03:54AM (#32415668)
        Wholesale phone minutes is a sleazy business. If you have a good route to an obscure country making loads of calls to it would probably pay off.
      • by chrb (1083577) on Tuesday June 01, 2010 @04:30AM (#32415808)

        What I don't exactly see is how they're profiting off the number.

        There are plenty of providers of international premium rate numbers that will ask no questions about the callers and deposit a percentage of the call termination fees into a bank account at the end of the month - the article mentions they used Somalia ($0.14/min) [getpremiumnumbers.com], Dominica (€0.45/min) [getpremiumnumbers.com], Antarctica (€0.46/min) [getpremiumnumbers.com]. The provider I linked to was the top of Google's search - you can probably find others offering higher rates.

        It should be a simple matter to follow the money back to the source of the problem

        Not really. These crimes cross multiple legal jurisdictions, and there is no evidence to tie the trojan writer to the person profiting from the calls. Authorities in, say, Switzerland, will not break the banking secrecy of an individual just because they profited from running a premium rate phone number.

        I remember hearing a story back in the early 90s about a French guy who had over 30 land lines installed in his house, and had set up an automated blueboxing dialler to call international premium rate numbers 24/7. Allegedly, he was earning $1.50/min from each call, and he quickly became a millionaire.

        • by DNS-and-BIND (461968) on Tuesday June 01, 2010 @05:48AM (#32416204) Homepage
          Funny, back when I used to work in toll fraud at one of the Big Three, we regularly had overseas calls in the $3-4 range per minute. A popular destination was Vanuatu along with some other Pacific islands, easily the most expensive of them all. I never really understood porn over voice. Any time I saw the country codes for Pacific islands, I blocked them immediately. Another popular destination for toll fraud was 809, which was part of NANPA but still counted as overseas (Caribbean islands) and thus ran up big charges quickly. The most expensive fee per minute I ever saw was a puzzling destination of INMARSAT. What kind of country is that, I thought to myself as I dialed the number to check what it was. Seaman Mumble picked up the call, it was the bridge of a Navy destroyer! INMARSAT was/is a satellite communications provider for ships at sea. $5.50 per minute, the highest I ever saw.

          The point of this rambling post is that toll fraud seems much cheaper these days. Fifty cents a minute to Antarctica seems like nothing compared to rates back in the day.

      • by Anonymous Coward on Tuesday June 01, 2010 @04:57AM (#32415928)

        +88234 is allocated to our company Global Networks Switzerland AG who operates a GSM network in Antarctica. The +88234 allocation is published by the ITU in the E.164 standard somewhere around 2003. As Antarctica is not considered a country according to the united nation but international territories, the +88234 allocation is out of the shared country codes block which is where you also find the satellite networks such as GlobalStar, Thuraya etc and also networks operating on Cruise Ships and similar. This is the main reason why operators charge a fortune. They don't differentiate +88234 in pricing from other networks in +882xx or +881xx which means you get charged sattelite connections even though our connection is much cheaper (and they make a hell of a lot of money off you). The connectivity to Antarctica goes over satellite to the edge of Antarctica to a research station (you can't reach the center over satellite). There is a second allocation +672 for antarctica for the australian Scott's base which is basically some kind of areacode of Australia. We have nothing to do with that network.

        About the abuse of the number for so called auto-dialers, malware in games etc, please be aware that we are not involved in this. People somewhere in the middle do break out those calls and terminate it illegally on their equipment charging termination fees and making money of it. Those calls do not end up on our switch where they would supposed to go. The numbers used in the dialers are not in use in our network so calling them would result in a "unallocated number" error and you would not have been charged.

        If you get charged for calls to +88234-8.... complain to the operator as it clearly points to shortstopping by a 3rd party.
        Our legitimate users use mainly +88234-7xxx xx xx with a few allocations in +88234-4... and +88234-5...

        Regards

        Andreas Fink
        CEO
        Global Networks Switzerland AG
        afink at gsm.aq

        • Re: (Score:2, Informative)

          by Anonymous Coward

          There is a second allocation +672 for antarctica for the australian Scott's base which is basically some kind of areacode of Australia.

          Scott Base is actually a New Zealand station. I believe the NZ phone system in Antarctica uses the +64 dialing code with an extension.

        • +88234-7xxx xx xx

          Hey, I had to try that. But it seems nobody was at home right now. :/

      • Note: I worked at McMurdo Station last year so I know what I'm talking about There's tons of phones down in Antarctica, but I'm not sure if any country is actually using the Antarctica country code. The US runs phone calls over the NPOESS sat system and trunks them back to Colorado where Raytheon Polar Systems is located. You can call anywhere in the US from the station with an extension to get an outside line, and the calls just look like some local number in the Colorado. Scott has has the same thing
    • by Lumbre (1822486) on Tuesday June 01, 2010 @02:43AM (#32415392)

      ...how they even *found* numbers in the Antarctic. It's not like you can set up a phone line down there, and I can't imagine many people would have occasion to call the Antarctic.

      I don't see how you can't imagine phones in Antarctica. It's not like there aren't dozens are hundreds of researchers down there. It doesn't have to be a physical wired connection. It could be a phone connecting to a satellite. As another example of advanced technology in Antarctica, you can find an ATM down there [wellsfargo.com]. It's pretty much a normal ATM which they service every couple years. Think abstractly my fellow /.er

    • by jonbryce (703250)

      There will be satellite phones from networks with a polar orbit, such as Iridium, but not networks like Inmarsat which has a geostationary orbit. That's why it is so expensive.

      • Iridium is the only Sat phone used the NSF in Antarctica. They own hundreds of them and a bank of Iridium phones provide a very slow data uplink to sync the South Pole stations Exchange servers with the US
  • According to Wikipedia, there is no international dial code for the antartic [wikipedia.org]
  • by Michael Woodhams (112247) on Tuesday June 01, 2010 @03:01AM (#32415472) Journal

    I saw this on the BBC website too, but neither article tells me how it is to the advantage of the hackers to give random people big telephone bills. Do the hackers own some little phone company which the calls are going through? Do they have some overpriced premium number connecting to a computer in Scott Base which recites astrology readings in a synthetic voice?

    More seriously: why should the phone OS allow a game to initiate phone calls? (I really hope the answer is 'the OS has a bug' rather than 'that's how they designed it.')

    • by LingNoi (1066278) on Tuesday June 01, 2010 @03:23AM (#32415552)

      but neither article tells me how it is to the advantage of the hackers to give random people big telephone bills.

      Maybe they get lonely down there.

    • by thegarbz (1787294) on Tuesday June 01, 2010 @04:41AM (#32415864)
      This is almost triggering nostalgia. I remember the good old days where viruses were actually malicious to the system they were installed on. None of this run silently in the background bot zombie we'll use your resources if we need it to further our own gain crap.

      In the good old days a virus just wasn't a virus if it didn't format your C: on some arbitrary birthday of the writer, or nuke your master boot record, or even copy itself to the master boot record so that when you started up the computer said Suck It! Rather than displaying the Windows 3.11 loading screen. Man it sucked re-installing dos and windows from floppies.
      • by internewt (640704)

        Man it sucked re-installing dos and windows from floppies.

        This bit of info might be a little late, but IIRC you could copy the contents of the 3.11 floppies to the HDD, and run setup from there. The install process would go much quicker, and the overall install time was quicker to manually do the copying first. Plus no having to watch the install process, and put disks in when it asked.

    • by chrb (1083577)

      neither article tells me how it is to the advantage of the hackers to give random people big telephone bills

      International premium rate numbers are big business, see my other reply [slashdot.org]. Here's another provider [premiumtlc.com] offering 1+ euro a minute. The lines usually cost a couple of hundred Euros to set up, so it's easy to make the money back if you can get people to call them.

    • by Sockatume (732728)

      From the sounds of things, the hackers cracked what was originally a shareware app. Putting in a money-wasting dialler may just be their way of saying "if you want to pirate games with the assistance of hackers, get ready for some serious bullshit".

  • Hernk the planet squaaack!
  • One of the problems with mobile apps is the "allow and install" vs "deny and not install". You read the list of privileged operations and you are left with a tough decision and no middle ground - which would be "deny and still install". If I read the list of requested privileged applications I often get a shiver.

  • You'd think SOMEONE would actually tell us the name of the game responsible?
    Seems like that should have been in the headline or story.
    ("3D Anti Terrorist Action" by the way)

    But no, I suppose it's more important to emphasise that it's Windows.

    Slashdot. Old school journalism at its finest.

    ("There's a chemical in your home which may kill you. We'll tell you what it is, after these important messages")

  • by Udigs (1072138) on Tuesday June 01, 2010 @04:13AM (#32415758)
    Running any application on your phone from untrusted sources produces unexpected results. Clip at 11.
    • Protip: COMMON FUCKING SENSE!

      When we treat people like idiots, the BECOME idiots. And my theory is, that that is the reason most people are idiots nowadays.
      Because they CAN. And still live a pretty nice life. It’s just a (short-sighted) question of efficiency.

      All those people in those companies that put people in miles of padding, should go to jail for crimes against humanity, until they have undone the damage.

  • Diego Garcia (Score:5, Informative)

    by ei4anb (625481) on Tuesday June 01, 2010 @05:50AM (#32416212)
    The island of Diego Garcia used to be a favourite for such phone scams. Phone companies have international agreements to tranfer money, a portion of what they bill for international calls. In the case of the scam calls to Diego Garcia the money could be siphoned off by middlemen because Diego Garcia did not have agreements with all phone companies (bad credit rating?) and the money was routed indrectly. Something similar is happening here. The Irish Communications Regulator blocked direct dial calls to a list of countries to cut down on such fraud http://news.cnet.com/Ireland-launches-phone-fraud-crackdown/2100-1036_3-5377387.html [cnet.com]
  • This article is mistagged as a 'worm', it should be tagged as a 'logic bomb'.

    A worm [wikipedia.org] is a piece of software that is able to propagate itself without interaction from a user. A logic bomb [wikipedia.org] is a piece of software or a function in a piece of software that activates when certain conditions are met.

  • Hmmm... (Score:3, Insightful)

    by rindeee (530084) on Tuesday June 01, 2010 @07:36AM (#32416690)
    I guess that whole "Is your refrigerator running" crank would be sort of un-funny given the circumstances....
  • by Bigbutt (65939)

    Somewhere on McMurdo Station

    Bob: ZzzzZZZzz
    Phone: *ring* *ring*
    Bob: Zz*wha* hello?
    Phone: *ScreeEEeeeEee*
    Bob: Hey, HEY THIS ISN'T A FAX! PICK UP! PICK UP! *slam* morons

    [John]

  • by Anonymous Coward on Tuesday June 01, 2010 @09:38AM (#32417586)

    This isn't freeware. It was a shareware version of a "pay" game that was cracked and injected with malware. Why does the summary make it look like freeware is more dangerous than pay-to-play? This is just another case where warez is more dangerous than legitimate software.

  • There is no civil society in Antarctica - none. I do not believe that there is as much as a convenience store in the entire continent. So who, pray tell, is getting the money from these calls ? The National Science Foundation ? Now, that would be an interesting way to expand the science budget...

  • by dadelbunts (1727498) on Tuesday June 01, 2010 @04:40PM (#32423596)
    It seems the developer was a little. *puts on sunglassses* cold blooded. YEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH

Faith may be defined briefly as an illogical belief in the occurence of the improbable. - H. L. Mencken

Working...