Malicious Android apps steal money by stealthily subscribing users to unknown services

Malicious Android apps steal money by stealthily subscribing users to unknown services
Despite the fact that both Google and Apple take great care to make sure the Play Store and App Store are safe, secure, and the absolutely the only place you should be getting your apps, sometimes, some malicious software makes its way through the cracks.

McAfee security company now reports that a known cybercriminal gang — AsiaHitGroup — is at it again, using a repackaged piece of malicious software that it has used in the past on the Google Play Store.

It's called Sonvpay.C and it gets smuggled aboard the Play Store via a plethora of different innocent-looking apps, such as ringtone creators, flashlights, QR code scanners and the like. And it's a sneaky one to intercept, even if you are a savvy user.

Basically, once on one's phone, the malicious app will — at some point — trigger an "update" notification. However, that's not an update, but a reskinned subscription button, which will instantly sign the user up for an unknown paid service. Unlike previous versions of Sonvpay, this one does not use SMS messages. Instead, it employs WAP billing — an over-the-air data message to a website —, which means it can't be seen in the user's message history.

According to McAfee, the scam apps have been used in Kazakhstan and Malaysia, but if Sonvpay detects that the device is not in one of these regions, it'll still try to send off an SMS message to a premium service. Reportedly, the apps have been online since January of 2018 and McAfee calculates that AsiaHitGroup could have potentially made between $60,500 and $145,000 from unsuspecting victims.

Be careful what you download, folks!

source: McAfee



1. AdeelSoomro

Posts: 61; Member since: Oct 26, 2017

Android is the worst os in the history of mobile industry, I prefer feature phone over andro smart phone

2. Wiencon

Posts: 2278; Member since: Aug 06, 2014

"But ios has apps that do blah blah blah and Apple is stealing your money when selling you overpriced icrap for 1k$$$ "

21. ORO0147

Posts: 3; Member since: Jun 28, 2018

You seem retarded

3. path45th

Posts: 407; Member since: Sep 11, 2016

It’s nice to have all the security Apple’s iOS can offer even on my 5 years old iPhone 5s. By the way, iOS 12 is working very well on iPhone 5s. I’m using it right now.

19. jonathanfiuwx

Posts: 184; Member since: Mar 10, 2017

Well yeah.. it's important to have 5 years security because iPhone is expensive. I'd rather spend every 2 years, get the updates and the new technology with it.

22. Allday28

Posts: 347; Member since: Nov 19, 2010

This has got to be the stupidest thing I’ve read all day!!

23. deleon629 unregistered

how about those updates to stop the phones from bending and the batteries from dying faster than all other "normal" "regular technology" phones? lol

4. maherk

Posts: 7054; Member since: Feb 10, 2012

Anyone who argues that Android apps are of the same quality of apps found on iOS, needs a slap on their face. I'm using an Android phone, and I had an iPad Pro for almost a year, and the quality of apps wasn't matched. And I'm not just talking about the basic apps that everyone uses like Facebook or Instagram, but even simple card games that I have been playing on Android for years, are much much better on iOS. Then we have this, and also the hundreds of thousands of cheap copies of famous apps that slow down your phone, and God knows what else they're collecting from your phone. Android as a software is superior imo, but iOS crushes Android when it comes to Play Store vs App Store.

8. RebelwithoutaClue unregistered

I agree partly with you. You can tell iOS developers, in general, follow Apple's design guidelines more than Android developers follow material design guidelines (I even think ios apps can be denied because of sloppy design?). But if you look at major/popular apps, there isn't really a quality difference, the only difference would be a preferential one. You are right though that the Play store contains a s**tload of crap apps, even more so than the App store. Google does need to step up their app checks (preferably switch to manual checks) and demand developers stick more to material design guidelines & latest APIs

9. peace247 unregistered sis is a doesn't accept apps unless it completely follows all the guidelines... it's relatively simple to upload your app on playstore. but I don't agree with maherk.... there's almost no difference between apps on android and ios(except maybe snapchat).

11. RebelwithoutaClue unregistered

I know there are a lot of apps in the Play store that still use the holo design. Those are just too old (considering Material was introduced 3 years ago). But in general, I find Android apps on par with iOS apps.

10. maherk

Posts: 7054; Member since: Feb 10, 2012

Try using Facebook app on iOS and Android, my wife has the iPhone X, and whenever I complain about a new bug the latest update brought, she laughs because the app on her iPhone is flawless. I had the same experience when I had my iPad, it's not just the bugs, but also the animations are much smoother, they're never sluggish on iOS. Not saying they're perfect, but they're almost there on iOS.

12. RebelwithoutaClue unregistered

Pretty weird since the number one complaint of the iPhone users that I support, is that Facebook is a crappy app. Just google Facebook iOS issues to get a general idea it is not flawless at all. I don't have Facebook, so I can't tell if it's any good on Android. I do know the number one complaint is battery usage.

13. maherk

Posts: 7054; Member since: Feb 10, 2012

It's a battery killer on Android as well. But as for bugs within the interface, it's not even close when you want to compare the app on those two platforms.

14. RebelwithoutaClue unregistered

I was referring to it being a battery killer on Android ;) I'll have a look later on to what you are referring to, as my dad does have FB so I can install his account on my OP6 and iPhone 6s to have a comparison.

17. maherk

Posts: 7054; Member since: Feb 10, 2012

My bad lol And yeah, trust me, it will take you few minutes to see the difference between them.

5. mixedfish

Posts: 1570; Member since: Nov 17, 2013

LOL $60k to $145k just goes to show how little this actually means to the market.

6. lyndon420

Posts: 6915; Member since: Jul 11, 2012

If you download a flashlight app that requires permissions like internet access, well then you're an idiot. All phones come with their own flashlight function built in so....

7. maherk

Posts: 7054; Member since: Feb 10, 2012

The problem is that most Android phones hide the flashlight under the widgets category, that's why majority of people don't know that their phone already has it. Not until recently they started putting it in the notification's toggles bar.

16. worldpeace

Posts: 3135; Member since: Apr 15, 2016

Until recently? It's been on vanilla Android's quick setting for 4 years (Lollipop), and in custom UI's quick setting as early as ICS (2011), and even before that manufacturers usually put it on widget (along with wifi, auto-rotate and brightness toggle) in home screen since Froyo..

15. Tipus

Posts: 913; Member since: Sep 30, 2016

Pandora sux on android for sure, constant crashes and after an "update" autolaunch doesn't work on my kenwood HU. Iphone app, on the other hand, has 0 issues. App store has much better app QC .

18. perry1234

Posts: 654; Member since: Aug 14, 2012

This just shows that Google needs to up the ante further when it comes to security of apps on Play Store... App store is much better. Wonder how Key2 +DTEK (or Samsung +KNOX) would have detected this threat, if they possibly could,that is...

20. ORO0147

Posts: 3; Member since: Jun 28, 2018

If I'm savvy user, I would know not to download flashlight, ringtone, or QR Code scanning apps (either way, my phone already has one) so these really don't affect me at all.

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit for samples and additional information.
FCC OKs Cingular's purchase of AT&T Wireless