We have received reports of a malicious Windows Mobile game that creates significant phone bills to affected users.
The game in question is called 3D Anti-terrorist action, and it’s manufactured by Beijing Huike Technology in China.
The game itself is a 3D first-person shooter.
Apparently some Russian malware author took the game and trojanized it. Then he uploaded the trojanized version to several Windows Mobile freeware download sites.
Quite quickly people started reporting that the phone was making expensive calls on it’s own.
Here’s an example of a thread on the XDA-Developers forum:
When analyzing the code of the trojanized game, it’s easy to see how it initiates several phone calls and waits for the calls to proceed. The calls are billed by minute.
But how do such international premium-rate numbers work?
It turns out there are several companies that make all of their money by offering expensive international premium rate numbers in faraway countries. Go figure.
