In 2012 there was a 400% increase of cyber attacks from 2011, infecting at least 300,000 users from Android malware, which was mostly caused by Trojan SMS. The way the hacker attacks the user’s device this way is by putting a malicious application within Google’s app store and when downloaded the app infects user’s device via a bogus permissions notification, which when agreed to forces the user to send SMS messages to a premium-rate number, in which the hacker owns and collects payment. 'Without the user's knowledge the app will get the phone number of the device, will go to a website and will register it to a premium SMS service. This service requires a confirmation to be activated, which means it sends an SMS to that number with a PIN code,' states the post along with, “This app waits for that specific message, once it arrives it intercepts its arrival, parses it, takes the PIN number and confirms your interest in the service. Then it removes it, no notification is shown in the terminal and the SMS is not shown anywhere. Again, all this is done without the user's knowledge' (V3). This attack is estimated to have earned the hackers between $6-$24 million alone.
This document is in PDF format. To view it click here.