In the 1990s dialup internet spread across the country and with it came the jump of pornography into the digital realm. As porn was quickly recognized to be among the most popular and most visited forms of internet content, adult sites quickly drew opportunist cyber criminals who hid trojans and other viruses that would infect the computers of unsuspecting surfers.
Among the most popular schemes were so-called dialers. Dialers would infect individuals' computers, disconnect their modem, and then force it to dial a long distance number, typically an international call. The virus would often mute the modem speaker so the victim would be none-the-wiser. Milking the economics of international calls, the crooks would pocket a substantial amount for each call, while victims would be left with massive phone bills.
With the slow death of the dialup modem and the move to broadband, such antics have died down in recent years. However, a new trend in adult content viewing is reportedly reviving this insidious form of cybercrime.
Software firm CA maintains a security division, which among several security firms to notice a rise in dialer attacks. They note that the new attacks are chiefly targeted at smart phone users. Recent studies have shown that virtually all males partake in adult content -- and other studies have shown that a smaller, but substantial number of females do as well. With the rise of smartphones, many are turning to mobile browsers to get their pornographic fix.
Smart phone numbers are growing, in fact, 11 percent of Americans have smart phones, by recent estimates -- that's more than have dialup. And with the rise in smart phone numbers, adult traffic from these smart mobiles is rising as well. And that's exactly what cyber criminals are hoping for.
Akhil Menon of CA's security branch writes in a blog, "In our malware analysis lab we have been observing an increasing trend of Trojan Dialers that targets mobile devices and this advisory blog is a quick analysis of one such malware that uses the J2ME technology (a default standard for CLDC devices) to send SMS messages to high cost numbers. Similar to its ancestors, most of them are related to pornographic message centers."
The virus, called Swapi.B typically infects a smart phone when the user downloads what they think is adult software, video clips or helper programs.
Mikko Hypponen, head of research at F-Secure which makes security software for mobiles in an interview with BBC News also reported noticing a rise in smart phone dialer attacks. He says that crooks love the fact that no extra work is needed to make money off the scheme, unlike traditional cybercrime which involves collecting credit card numbers to conduct credit card fraud.
He states, "PC malware can't just directly steal money from your machine; it has to jump through hoops like keylogging your credit card number or sending spam. However, mobile malware can just instantly steal from you by making premium-rate calls or messages. The trojan can place calls to, say, 100 different premium-rate numbers, only one of which is his own number. How would you fight this? Shut down all the numbers, including the innocent ones?"
Google was among the first to note this trend. It blocks certain premium lines in its Google Voice service (which offers free calling) to prevent excessive charges or this kind of abuse. Despite this seeming like common sense, data discrimination laws forbid U.S. carriers from blocking blocks of premium numbers, even if they're suspected of being involved in a cyber fraud scheme. The FCC is currently investigating Google's call blocking, but it is unclear whether the same laws apply to Google as the traffic is routed over the internet, rather than traditional phone lines, and additionally the service is free.