Key Technical Analysis of malicious fee deduction software: associated with chest

Key Technical Analysis of malicious fee deduction software: associated with chest

Internet-related topics accounted for half of the 315 gala. One of the steps is to make the customer stand up, that is, download a ticket grabbing software, but the operator maliciously deducts dozens of fees.

It's difficult to steal dozens of oceans from your wallet. However, what technology does hackers use to perform such a superb deduction trick?

In fact, like most magic, the audience looks amazing. In fact, the magician only uses the simplest blind eye method. The same is true for this ticketing software. There are almost no technical highlights, and it does not even take advantage of system vulnerabilities. In fact, it exploits the vulnerabilities of human nature.

Simply put, the item that malware uses to do the blind eye is the chest.

Let's replay the scam method with a slow lens:

According to the CCTV exposure, during the use of the ticket grabbing software downloaded by users, images of attractive women will pop up. In the face of this scenario, most people will choose to "Stamp" the beauty's chest ". The installation prompt for another App is displayed. Needless to say, the icon of this new App must be a big-haired beauty, and it should be well-known.

At this time, many people will, like the uncle in the evening party, smile with shame and click to install.

[The motivation for App installation comes from tempting icons/from CCTV]

However, at this time, you still have the opportunity to suddenly wake up. Next, go to the newly installed App, and click the deduction reminder in the center. Of course, the charge is not in a conspicuous position, or even hidden. In order not to let users notice the deduction prompt, the App has placed countless big breasts in the background to hide and hide the meat. The user's mood at the moment must be the same as that of reporter Lei Feng. He wants to quickly enter the App and the Boba, regardless of the S ". At this time, even if the deduction prompt is reached, it is difficult for users to notice.

[Do you see the hidden meat in the background? At this time, people who will carefully read the product instructions must like men/from CCTV]

Have you noticed that:

In the whole process, you have three chances to escape from this scam, and on these three most critical nodes, scammers use the big breasts of the beauty to completely break your fragile suspicion.

You should have had the fourth chance. This is the second reminder of fee deduction by the carrier. However, when installing the software, you are blinded by the beauty and do not care about the permissions assigned to the App. If you switch back to the "love video" installation moment, it must be a straightforward reminder: apply for the permission to send and receive text messages. You must have clicked it if you haven't seen it.

In this way, the malicious software can reasonably and legally obtain the user's SMS authorization. With this powerful sword, the Android system is helpless.

Song shenlei, a security expert, told Lei Feng:

From a security perspective, such malware does not actually have high system permissions, but only requires the read and write permissions of text messages to users.

However, such a permission can bring such great economic losses to users.

As the saying goes, beauty is at risk, so be cautious when looking at the chest.