Written By Real Kevin Jay on Saturday, February 15, 2014 | 10:03 AM
A new wave of malware has hit Google's app store Google Play and may have infected at least 300,000 people, a security vendor said Thursday.
Panda Security said its research team indicated the number of those infected may go up to 1.2 million as the malicious apps can be downloaded from the online store.
"Without the user's knowledge, the app will get the phone number of the device, will go to a website and will register it to a premium SMS service. This service require a confirmation to be activated, which means it sends a SMS to that number with a PIN code, which have to be entered back to end the process and start changing you money. This app waits for that specific message, once it arrives it intercepts its arrival, parses it, takes the PIN number and confirm your interest in the service," it said.
Citing the case of one of the malicious apps, Panda said the app steals the victim's phone number via the WhatsApp messaging software.
It also "forces" a victim to accept the terms of service by making the Close button hard to locate.
"According to Google Play this app has between 50,000 and 100,000 downloads," it said.
Panda advised users to "always read the permissions needed to install each application," and if the app seeks to read SMS and connect to the Internet but such connection is not really needed, "do not install it."