Beware: A new malware known as Xafecopy is stealing money through smartphones in India

Around 40 percent of the target of this malware has been detected in India.


Well, from how things have gone so far, the year 2017 has literally been the year of malware attacks. This year there has been the most reported cases of malware attacks than any year in the past. And with all that is happening it is sometimes scary to think that cyber criminals are getting more advanced and good at what they do.

Beaware: New Xafecopy malware steals money using victim's smartphone

Just as we say that a new malware dubbed as Xafecopy Trojan has been detected in India which steals money through victims' mobile phones. Cyber security firm Kaspersky has reported the incident. According to the firm's report, around 40 percent of the target of the malware has been detected in India.

The report further reads, "Kaspersky Lab experts have uncovered a mobile malware targeting the WAP billing payment method, stealing money from victims' mobile accounts without their knowledge."

Xafecopy Trojan basically comes disguised as useful apps, for instance, BatteryMaster, and this malware app operates normally to prevent any suspicion. While the app seems good, the trojan then secretly loads malicious code onto the device.

Thus, once the app is activated, Xafecopy malware clicks on web pages with Wireless Application Protocol (WAP) billing-a form of mobile payment that charges costs directly to the user's mobile phone bill. After this, the malware silently subscribes to a number of services using the phone.

The process is quite shocking as the services also do not require users to register a debit or credit card or set up a username and password. The malware uses some technology to bypass 'captcha' systems designed to protect users by confirming the action is being performed by a human.

"Xafecopy hit more than 4,800 users in 47 countries within the space of a month, with 37.5 percent of the attacks detected and blocked by Kaspersky Lab products targeting India, followed by Russia, Turkey, and Mexico," the report noted highlighting the impact of the malware.


Amidst this situation, Experts at Kaspersky Lab are also of the opinion that cyber criminals gang promulgating other Trojans are sharing malware code among themselves. "Our research suggests WAP billing attacks are on the rise. Xafecopy's attacks targeted countries where this payment method is popular. The malware has also been detected with different modifications, such as the ability to text messages from a mobile device to premium-rate phone numbers, and to delete incoming text messages to hide alerts from mobile network operators about stolen money," Kaspersky Lab senior malware analyst Roman Unuchek said.

Kaspersky Lab, managing director-South Asia, Altaf Halde also stated that Android users need to be extremely cautious in how they download apps. "It is best not to trust third-party apps, and whatever apps users do download should be scanned locally with the Verify Apps utility. But beyond that, Android users should be running a mobile security suite on their devices."

Best Mobiles in India

Best Phones

Get Instant News Updates
Notification Settings X
Time Settings
Clear Notification X
Do you want to clear all the notifications from your inbox?
Yes No
Settings X