In a nutshell: Fraudulent Android apps employ sophisticated fraud mechanisms to illegally activate premium services on mobile bills. They use WebView automation, JavaScript injection, and OTP interception to remain undetected.
Disguised applications leverage WebView automation, JavaScript injection, and one-time password interception to bypass fraud detection and activate illegal premium subscriptions.
Security researchers are warning of a growing threat from fraudulent Android apps that commit carrier billing fraud using sophisticated techniques. The malicious applications employ multiple obfuscation methods to conceal their criminal activity and evade detection systems.
The fraudsters rely on a combined strategy: WebView automation enables the apps to control browser functions without user interaction. At the same time, the developers exploit JavaScript injection to insert malicious code into web pages. Particularly insidious is the interception of one-time passwords (OTP), which normally serve as secure confirmation for transactions.
Through this combination, cybercriminals succeed in charging premium subscriptions and expensive services to unsuspecting users’ phone bills. The mobile billing system is deliberately abused to defraud victims. Security experts recommend users to download apps only from trusted sources and to check the permissions of suspicious applications.