Mobile Game Trojan Calls the South Pole 195
UgLyPuNk writes with an excerpt from Gamepron.com: "Freeware games can actually cost you more money than their pay-to-play cousins, as mobile gamers in the UK have learned. A 'booby-trapped' version of a popular Windows Mobile game has been sneakily spending their money while they sleep – by dialing phone numbers in the Antarctic behind their backs."
Re:LOL (Score:2, Informative)
>Why on earth are mobile phone apps even allowed to make calls in the first place, without some sort of specificaly made user authorization?
For the record, when a Symbian app tries to make a call or connect to the internet the user is presented with a dialog asking whether to allow the app to connect/make a call. No idea why Microsoft decided this is not needed.
Re:One really has to wonder... (Score:4, Informative)
+672 is not just for Antarctica, though. It is shared with Norfolk Island (a sort-of part of the commonwealth of Australia).
Re:no phone numbers in antartic (Score:5, Informative)
http://countrycode.org/antarctica [countrycode.org]
Seems Wikipedia is not right about everything - go figure.
Re:LOL (Score:5, Informative)
And decent phones do. On a BlackBerry, for example, you have to specifically authorize each application to access to the voice radio, IP connections (as a whole or per-domain), GPS, address book, etc. It's easy to use and provides great protection, not to mention the instant insight into what a program is actually doing (i.e. "Why does this free calculator want to connect to warez.ru"). Why WindowsCE doesn't do such things is a complete mystery.
Re:What to the hackers gain? (Score:4, Informative)
Maybe they get lonely down there.
Re:no phone numbers in antartic (Score:4, Informative)
Re:LOL (Score:5, Informative)
I know, you're probably thinking "what reasons"? Well, from some of the vendors I've worked with, it ranges from location based information to cell phone recovery tracking to remote programming. None of it is absolutely necessary given current available technology and that you can do all that stuff over the data network, but when Windows CE was originally designed, data networks weren't quite as useful.
Profiting is the easy part (Score:5, Informative)
What I don't exactly see is how they're profiting off the number.
There are plenty of providers of international premium rate numbers that will ask no questions about the callers and deposit a percentage of the call termination fees into a bank account at the end of the month - the article mentions they used Somalia ($0.14/min) [getpremiumnumbers.com], Dominica (€0.45/min) [getpremiumnumbers.com], Antarctica (€0.46/min) [getpremiumnumbers.com]. The provider I linked to was the top of Google's search - you can probably find others offering higher rates.
It should be a simple matter to follow the money back to the source of the problem
Not really. These crimes cross multiple legal jurisdictions, and there is no evidence to tie the trojan writer to the person profiting from the calls. Authorities in, say, Switzerland, will not break the banking secrecy of an individual just because they profited from running a premium rate phone number.
I remember hearing a story back in the early 90s about a French guy who had over 30 land lines installed in his house, and had set up an automated blueboxing dialler to call international premium rate numbers 24/7. Allegedly, he was earning $1.50/min from each call, and he quickly became a millionaire.
Re:One really has to wonder... (Score:5, Informative)
+88234 is allocated to our company Global Networks Switzerland AG who operates a GSM network in Antarctica. The +88234 allocation is published by the ITU in the E.164 standard somewhere around 2003. As Antarctica is not considered a country according to the united nation but international territories, the +88234 allocation is out of the shared country codes block which is where you also find the satellite networks such as GlobalStar, Thuraya etc and also networks operating on Cruise Ships and similar. This is the main reason why operators charge a fortune. They don't differentiate +88234 in pricing from other networks in +882xx or +881xx which means you get charged sattelite connections even though our connection is much cheaper (and they make a hell of a lot of money off you). The connectivity to Antarctica goes over satellite to the edge of Antarctica to a research station (you can't reach the center over satellite). There is a second allocation +672 for antarctica for the australian Scott's base which is basically some kind of areacode of Australia. We have nothing to do with that network.
About the abuse of the number for so called auto-dialers, malware in games etc, please be aware that we are not involved in this. People somewhere in the middle do break out those calls and terminate it illegally on their equipment charging termination fees and making money of it. Those calls do not end up on our switch where they would supposed to go. The numbers used in the dialers are not in use in our network so calling them would result in a "unallocated number" error and you would not have been charged.
If you get charged for calls to +88234-8.... complain to the operator as it clearly points to shortstopping by a 3rd party.
Our legitimate users use mainly +88234-7xxx xx xx with a few allocations in +88234-4... and +88234-5...
Regards
Andreas Fink
CEO
Global Networks Switzerland AG
afink at gsm.aq
Diego Garcia (Score:5, Informative)
Re:LOL (Score:1, Informative)
WinMo probably does have a similar setting. The problem is that many programs you install on Blackberries prompt you to change their security settings, much like many Linux things you install prompt you for root access. When it becomes commonplace people just click OK or enter their password without thinking - it's only the security-conscious who pay attention to those things.
Re:LOL (Score:3, Informative)
You are aware that Apple don't review code before it is added to the shop right?
And the rest of the world have already solved this problem for mobile phones. An application don't have access to do anything that can interfere with other applications/the operation system without explicit user accept.
And this access is handled by the operation system not the application. The application ask the operation system, and the operation system ask the user, so the application don't have any way to trick the user into doing something by lying to the user.
Re:One really has to wonder... (Score:2, Informative)
Scott Base is actually a New Zealand station. I believe the NZ phone system in Antarctica uses the +64 dialing code with an extension.