MouaBad Android malware earns money by making phone calls

Graham Cluley

If you’re old enough to remember the days before broadband, you may well recall the problem of Dialer trojan horses. Having infected your PC, they would commandeer your modem and make phone calls to expensive premium rate numbers – earning criminals money in the process.

With the advent of broadband, and modems being consigned to the dustbin, some people probably thought they had seen the last of the premium rate dialer threat.

How wrong they were.

Security researchers at Lookout have reported on a newly discovered piece of malware that attempts to make money by making phone calls from your infected Android smartphone without requiring any user interaction.

Of course, it’s not unknown for Android malware to send SMS messages in an attempt to commit premium-rate fraud, but making phone calls takes things to a new level.

Before you panic, however, there are some caveats.

Firstly, Lookout reports that the malware (which they call MouaBad.p) only works on Android versions older than 3.1. So owners of more modern devices, or those who have been able to keep their mobile operating system updated, shouldn’t be at risk.

Secondly, the malware appears to make no attempt to hide its surreptitious calls from the call history – making it easy for users to spot.

And thirdly, the threat does not appear to be widespread and appears to be Chinese-specific. Of course, there’s nothing to stop cybercriminals in other parts of the world attempting similar premium rate fraud with their own Android malware.

Lookout also warns that MouaBad’s functionality could be used with other malicious intentions:

In theory, this dialing functionality could also be used for other malicious purposes such as remotely spying on conversations within the vicinity of a device microphone, or simply running up a victim’s wireless bill.

My advice is that everyone who owns an Android device should seriously consider running an anti-virus, and take care about where they download their Android apps from. In all likelihood, MouaBad has been distributed by its creators via rogue applications, perhaps shared via unofficial app stores.

Learn more about the MouaBad malware by reading Lookout’s blog post.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

One comment on “MouaBad Android malware earns money by making phone calls”

  1. Is this really a surprise – no and will only get abused more!
