Google has a difficult job trying to make sure all the apps within the Google Play Store – which is the primary repository and app market for the Android ecosystem – are clean without any malware and malicious code that can potentially take advantage of and harm users. With a thousands upon thousands of app submissions for the Play Store, some malware still gets through. This new one is dubbed CallJam, and it basically racks up profit for the attackers by having your device call premium numbers.
The CallJam malware is hidden inside the game “Gems Chest for Clash Royale” which was uploaded to Play in May. From the time it was uploaded, the app has been downloaded between 100,000 and 500,000 times. The malware system includes a premium dialer to generate fraudulent phone calls and an adnet capable for displaying ads to its victims to generate additional profit.
First up, is able to redirect your browsing to malicious websites that generate revenue for attackers. The next step is a bit complicated, but it involves getting the user to grant the app permission to make premium calls. The problem here is that most users will just grant app permissions without reading the text. The hacker’s server then sends CallJam a command to dial a premium phone number and the desired length of the call. The malware initiates a call, generating profits for the hackers.
As of now, the app is still available for download, so you should be warned. CheckPoint has already informed Google about this malware.