Bogus charges being racked up by Android tool
Malicious code slipped into a popular Android keyboard app racked up millions of dollars in fraudulent charges for unlucky punters.
The Secure-D research team with mobile security specialist Upstream Systems reports this week that as much as $18m in bogus fees were run up by ai.type, an on-screen keyboard replacement that has an estimated 40 million downloads through the official Android Play Store – where it has since been removed – and other third-party stores.
Secure-D claims the app, which pitches itself as a customizable emoji keyboard, contains hidden code that covertly makes premium content purchases without any user notification or permission. In addition to the bill cramming, the app engages in ad and click fraud, we're told, in some cases disguising its traffic as comi ..
Support the originator by clicking the read the rest link below.
