French hacker admits stealing 500,000 euros from Android smartphone users

“A 20-year-old hacker has been arrested in northern France for spreading a virus via smartphone ‘apps’ that defrauded thousands of victims,” BBC News reports. “Prosecutors say he stole tiny sums from 17,000 people, amassing about 500,000 euros (£405,000) since 2011.”

“He snared victims with free downloads designed to look like original applications,” The Beeb reports. “But in the background the apps worked to steal money via hidden transactions. It appears smartphones that use Google software were the most susceptible, says the BBC’s Christian Fraser in Paris.”

The Beeb reports, “Once the fake applications were downloaded, the virus sent a text message without the user’s knowledge to a premium-rate number he had set up.”

Read more in the full article here.

MacDailyNews Take: “Open.”

[Thanks to MacDailyNews Reader “buddabob” for the heads up.]

Related articles:
FBI’s Android security warning means Apple’s iPhone beats Android for BYOD enterprise – October 16, 2012
FBI issues warning over Android malware attacks – October 15, 2012
Researchers discover serious flaw in Android app security, say HTC and Samsung ignore issue – September 28, 2012
Apple’s iPhone has passed a key security threshold – August 13, 2012
Android permissions flaw allows eavesdropping, data theft, location tracking – December 2, 2011
Massive HTC Android security flaw leaves security expert speechless – October 2, 2011
Apple’s iOS unaffected by malware as Android exploits surge 76% – August 24, 2011
Android malware records phone calls; iPhone users unaffected – August 2, 2011
Symantec: Apple iOS offers ‘full protection,’ Google Android ‘little protection’ vs. malware attacks – June 29, 2011
Malware apps spoof Android Market to infect Android phones – June 21, 2011
Google forced to pull several malware-infested apps from Android market – June 8, 2011
Android malware sees explosive growth; even faster than with PCs – April 27, 2011
Virus-laden apps infest Google’s ‘open’ Android platform; iPhone unaffected – March 3, 2011
Security firm warns of new Android trojan that can steal personal information; iPhone unaffected – December 30, 2010
Trojan infects Android smartphones; iPhone unaffected – August 10, 2010
Millions of Android phone users slammed by malicious data theft app – July 29, 2010
Unlike proactive Apple, reactive Google doesn’t block malware from Android app store – June 4, 2010
Malware designed to steal bank information pops up in Google’s Android app store – January 11, 2010


    1. The guy must get paid by the word. “It appears smartphones that use Google software were the most susceptible, …” is sometimes just called an Android phone. To the people that got suckered in, they call it that Android piece of crap!

  1. “It appears smartphones that use Google software were the most susceptible” it just “APPEAR” or just android.
    Looks like the so called “reporters” wanna make you believe that other OSes were affected so the people believe that all smartphones are insecure.

  2. Edward , Patrick…. Where are you … Oh … Checking your accounts…Open system means spread em … You get what you pay for .., or in this case what you didn’t pay for …. Security.

    1. Yeah, and don’t forget iSS or “Chris”. Pretty telling when none of these a-hole fscktard troll are anywhere to be found on this forum when the real truth about Fandroid settlers is revealed!

  3. Really what’s to prevent a developer in the Apple echo system from being able to do this?

    I mean, Apple developers have to self disclose all the capabilities of the app they are trying to publish. During the Apple review process, would they be able to detect all of an apps functions if it were not properly disclosed?

    The Camera+ people had a hidden feature which was activated by visiting a URL. Because it was communicated to the public, Apple learned about it, and the app was pulled.

    All this is saying is you can still do anything you want, as a developer, if you can properly hide what you are doing.

    1. Danilko01…. As an Apple developer I can tell you that Apple’s vetting process would go a long way to prevent this type of thing from happening. In addition, the background information that Apple collects and checks on prospective developers would certainly, in the event something got through, stopped this thief much quicker than the 2+ years it took. Making such activity not really worth it

      It would be much better not to speak on an issue you know
      nothing about and seem ignorant of an issue…. Than to post a comment and prove it.

    2. You can do anything in the world to any entity you want if you can PROPERLY HIDE it. It’s like stating that I can be Olympic world records if I’m fast enough, but very few people have the dedication, talent, or the training to become that fast. The point is that it’s very difficult to be good enough to hide these things from Apple. That’s why Apple has three times the apps with 1/10th the number of security flaws.

  4. The people who use Android OS deserve this. Sorry, but I have absolutely no sympathy for people who use a ripped off OS and are not willing to pay for the real thing. They should all be suing Goggle.

    1. I know the sentiment. But its hard to blame someone completely ignorant of the tech and say they deserve it. Frequently they are incredibly grateful to at last comprehend the situation so they can move to the sane side of the street. They act as sheeple as they watch others doing it and they don’t know any better.

      But then there are the businesses that force employees to use crap technology. I have a brother who can only use a Android phone to keep in touch with work as that is the only platform they support: STOOOPID! That’s when you point at the company IT doofases and either laugh or spit. 😉

      1. Good points, Derek. People who follow this stuff online are the very small minority. Everybody knows what an iPhone is, but many many people don’t even know what Android is. They know they have a Samsung Galaxy or whatever brand it is, but that’s it.

  5. The problem is that as developer and as user you cannot really do a lot (except not using any third-party applications or not using Android):
    applications need to use third-party payment systems since Google Play is not popular among users. But many third-party payment systems use premium SMS and require the right to send or receive SMS messages. This means each application which uses the payment service needs to demand the right for sending and receiving SMS messages from the user, on installation. Since most applications require this right, you have not really a choice as user, either you install it or you cannot use it, and can’t really find out if the app is ok.
    Google has started to ban third-party payment systems from Google Play, which is just making it more closed, less interesting for users, makes alternative download places more popular, increasing fragmentation: fragmentation not only by hardware, carrier and OS, but also distribution network and payment service.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.