Mobile Game Trojan Calls the South Pole
UgLyPuNk writes with an excerpt from Gamepron.com: "Freeware games can actually cost you more money than their pay-to-play cousins, as mobile gamers in the UK have learned. A 'booby-trapped' version of a popular Windows Mobile game has been sneakily spending their money while they sleep – by dialing phone numbers in the Antarctic behind their backs."
Re:One really has to wonder... (Score:4, Interesting)
...how they even *found* numbers in the Antarctic. It's not like you can set up a phone line down there, and I can't imagine many people would have occasion to call the Antarctic.
I don't see how you can't imagine phones in Antarctica. It's not like there aren't dozens or hundreds of researchers down there. It doesn't have to be a physical wired connection. It could be a phone connecting to a satellite. As another example of advanced technology in Antarctica, you can find an ATM down there [wellsfargo.com]. It's pretty much a normal ATM which they service every couple years. Think abstractly my fellow /.er
What do the hackers gain? (Score:5, Interesting)
I saw this on the BBC website too, but neither article tells me how it is to the advantage of the hackers to give random people big telephone bills. Do the hackers own some little phone company which the calls are going through? Do they have some overpriced premium number connecting to a computer in Scott Base which recites astrology readings in a synthetic voice?
More seriously: why should the phone OS allow a game to initiate phone calls? (I really hope the answer is 'the OS has a bug' rather than 'that's how they designed it.')
To install or not install (Score:4, Interesting)
One of the problems with mobile apps is the "allow and install" vs "deny and not install". You read the list of privileged operations and you are left with a tough decision and no middle ground - which would be "deny and still install". If I read the list of requested privileged applications I often get a shiver.
Re:Profiting is the easy part (Score:5, Interesting)
The point of this rambling post is that toll fraud seems much cheaper these days. Fifty cents a minute to Antarctica seems like nothing compared to rates back in the day.
Get an iPhone! (Score:1, Interesting)
Apple's "totally controlling the users" method pays off in cases like this. If you had an iPhone, it would have been impossible for something like this to happen. Even a jailbroken iPhone (which allows you to play unofficial apps) is safe from this kind of thing because the jailbreak hack doesn't remove Apple's security from the iPhone OS. If an app wanted to place a call, the OS displays a pop-up saying "CALL 1-555-1212" and you must press OK to call it. Similarly, no application can gain access to your GPS location without asking you the first couple times you open it.
So, apps that track your location without you knowing it, or make calls without you knowing it are impossible on the iPhone. Apple isn't totally crazy after all.
Re:Android permissions (Score:4, Interesting)
Android's permissions are either all or nothing when it comes to Internet access. And some apps just ask for that permission for no real reason.
Best way to deal with that is to have a rooted phone and Droidwall. However, this won't protect against an app that was installed that was given capabilities of dialing and sending/receiving SMS/MMS items.
Another item to have is an app called autostarts. You would be surprised at what apps want to hook where.
Re:LOL (Score:2, Interesting)
I have that problem with Motorola Karma/QA1. Signed Google Maps can access the network all it wants after selecting "yes always". But the unsigned Gmail cannot; "yes ask every time" is the only allow-network option for Gmail and all unsigned apps. I've always assumed it's something that AT&T did to intentionally cripple the phone to not use the network as much as it's not a "smart phone" (read as cheaper data plan), but it's still quite capable so they had to make it stupider. [sic]
Re:LOL (Score:3, Interesting)
I'm sure they do but it's obviously not worth much. It's partly why they won't allow an interpreted language - to make the check possible at all - and they still couldn't possibly check one app thoroughly, let alone all the thousands.
Such a check is less than worthless - like WEP - a false sense of security. Sure, it'll catch some trivial malware that's written by someone who didn't expect the examination but such a check will miss any of the code submitted to the Underhanded C Contest.
The only worthwhile security to implement here is capabilities. Very precisely, what can this app do? That way whatever code does sneak by onto the system it's still only going to be able to do what an untrusted app should be able to do.
Not that Apple doesn't also do that, but that code reviews for security are fundamentally flawed and therefore ultimately harmful.
Re:LOL (Score:3, Interesting)
I am actually a bit miffed at MS for taking the easy way out and doing this. Why couldn't they make a permission/security system that would both work with legacy programs, but still provide protection against rogue apps on legacy systems? There are already third party firewall programs for WM, it wouldn't be hard for Microsoft to integrate that functionality in and have apps either request permission on install (like Android), or before use (like Blackberries).
What made Windows Mobile so attractive for a platform pre-7 is the fact that I could run almost anything on my WM device, including onboard E-mail that supported client certificates. Since WM 7 is another walled garden, it means that if I want custom apps, I have to look elsewhere.
Android isn't perfect either. I wish Google would come out with an ADP3 that is already rooted, has a quality fastboot and recovery mode, and would support custom ROMs out of the box without needing a "gold card" exploit. Android developers are not the ones pirating apps [1], and someone who buys a phone from the Android Store is clued enough to know the ramifications of the "#" prompt, fastboot, and custom ROM issues. The N1 comes close, but it still requires an exploit to get rooted, and the warranty on the phone is voided as soon as one does that. I'd love to see a slider with a hardware keyboard, but that's just my personal taste.
[1]: As a modder, I have nothing but contempt for app pirates. Apps are not expensive. Pirates are one of the reasons that make phone makers and cellular carriers put more and more roadblocks to make custom ROMs, much less even root their devices. The only excuse/justification of this would be that an app might be available in one country and not in another.