Xafecopy

Xafecopy is an Android Trojan capable of siphoning funds from compromised users' mobile accounts. The threat disguises itself as various applications that will not raise much suspicion from users, such as battery or smartphone optimizers. Indeed, nothing in its design betrays its threatening nature. However, once inside the compromised device, Xafecopy starts to wreak havoc by taking advantage of a long-forgotten technology called WAP.

WAP stands for Wireless Application Protocol, and it represents an early technical standard used for accessing information over a mobile wireless network. The technology may have become obsolete, but parts of it, such as WAP-billing, are still functional. Trojans such as Xafecopy take advantage of this fact and abuse sites that still support WAP-billing. While this technique is similar to premium rate SMS messages, it has several distinct advantages. WAP-billing is a form of mobile payment that adds charges straight to the user's mobile phone bill, so there is no need to register a card, enter any card details, or set up a login profile with a username and password. On the other hand, abusing premium SMS requires the Trojans to be equipped with functionality to gain specific Accessibility privileges. As a result, WAP-billing Trojans can remain hidden on the user's device for far longer, as all they have to do is click through WAP-enabled billing or advertising URLs.

In most cases, the victims of Xafecopy notice that something is amiss when the money is already gone from their accounts. To prevent such dire consequences, users are advised to be extremely cautious when downloading applications from any third-party website or unauthorized application store.s of the Play Store, forcing the criminals behind the threat to use different distribution vectors, mainly by being hosted on third-party sites and through messages on online forums. Both methods involve various social-engineering tactics to entice the users to download the corrupted file disguised as a cracked game, a video player, or a popular application.
