BBC Reprint: 08:12 GMT, Friday, 15 January 2010
Original Article: http://news.bbc.co.uk/2/hi/technology/8459898.stm
Many diallers lurk on sites hawking pornography
As mobile phones get more sophisticated, hi-tech criminals are dusting off some old tricks.
Security companies have noticed a rise in trojans known as diallers that used to be popular during the days of dial-up net access.
On a smartphone the diallers are being used to call premium rate lines leaving victims with a big bill.
Experts say the diallers are proving popular as a quick way for criminals to cash in.
Diallers were widely used during the days of dial-up net access when most people connected via modem.
Many diallers lurked on porn sites and, once they snared a victim, disconnected their modem and then placed a long distance call. Many victims were left with huge phone bills.
The economics of international calls meant that some of the cash spent on the call would be shared with the criminals. Some diallers were very sneaky in that they muted the speaker on a modem so victims could not spot when the overseas call was being placed.
Now, the security wing of software firm CA has said it is seeing a rise in diallers for smartphones. This time, instead of calling international numbers, the diallers call premium rate lines and land victims with the bill.
Writing on the CA security blog, Akhil Menon said it was seeing a “an increasing trend of trojan diallers”. Mr Menon profiled one such virus, called Swapi.B, which sends premium SMS messages.
“The messages sent out are in the typical format to invoke premium services and land the mobile user with heavy mobile bills without the user’s knowledge and consent,” wrote Mr Menon.
Many diallers, including Swapi.B, are contracted from porn sites which disguise themselves as software, video clips or helper programs.
Mikko Hypponen, head of research at F-Secure which makes security software for mobiles, said it had seen a “handful” of diallers in recent months.
They were popular, he said, because they get round one of the big problems facing anyone wanting to make money out of Windows viruses.
“PC malware can’t just directly steal money from your machine; it has to jump through hoops like keylogging your credit card number or sending spam,” he said.
“However, mobile malware can just instantly steal from you by making premium-rate calls or messages,” said Mr Hypponen.
Some creators of diallers were also working to ensure that it was hard to shut down the premium rate service they had set up to cash in.
Mr Hypponen said some diallers sent messages or rang many different numbers, including legitimate ones.
“The trojan can place calls to, say, 100 different premium-rate numbers, only one of which is his own number,” said Mr Hypponen.
“How would you fight this? Shut down all the numbers, including the innocent ones?”