H-Online: UK regulator PhonepayPlus (fomerly known ICSTIS) has imposed a fine of £50,000 on a payment provider used for an Android malware-based fraud and forced it to reimburse customers’ losses. Last December, unknown perpetrators posted fake versions of popular applications on Google’s Play store (formerly the Android Market) which sent out expensive premium rate text messages.
According to Android virus experts Lookout, the applications in question were based on the RuFraud malware and were customized to disguise themselves as 30-plus titles such as Angry Birds, Assassins Creed and Cut the Rope. These apps were downloaded an estimated 14,000 times, and sent out three premium rate text messages, costing £5 each, every time the user tried to open the app. Total losses to customers in the UK were estimated at £27,850.
PhonepayPlus was able to intervene before the money was transferred from payment services company A1 Agregator Limited to the perpetrators of the fraud. The UK registered limited company will now be required to return the money to affected smartphone users, including those who have not made a complaint, and pay a fine of £50,000.