Dial/SmsReg!Android
Analysis
Dial/SmsReg!Android is an application for mobile phones running Android
which silently registers the victim to non-free services.
It usually comes as a sexy or dating application, and silently sends SMS
messages to particular short numbers that subscribe the victim to the corresponding
service. The subscription is not free. Its costs depends on the victim's country
and the service he/she subscribes to. For instance, it can go up to 10 dollars per
month.
Figure 1. Dial/SmsReg!Android main screen
The application does explain in its User Agreement form that the end-user
is subscribing to a non-free service. However, there are chances end-users
might be abused because it is not easy to see the application sends (costly)
SMS messages (User agreement not obvious, have to search for it + no strong
warning when sending the SMS messages).
Figure 2. User Agreement exists, but difficult to find in the user interface
Dial/SmsReg!Android exists in multiple versions, customized for various countries.
.
Recommended Action
- FortiGate Systems
- Check the main screen using the web interface for your FortiGate unit to ensure that the latest AV/NIDS database has been downloaded and installed on your system - if required, enable the "Allow Push Update" option.
FortiClient Systems
- Quarantine/delete files that are detected and replace infected files with clean backup copies.
Telemetry
Detection Availability
FortiGate | |
---|---|
FortiClient | |
FortiAPS | |
FortiAPU | |
FortiMail | |
FortiSandbox | |
FortiWeb | |
Web Application Firewall | |
FortiIsolator | |
FortiDeceptor | |
FortiEDR |