Is it time to subscribe to a printer service from HP?

Ever since my dad brought home an...

What’s the best way of buying a phone today?

How did you buy your latest phone?...

MWC: What device highlights did you miss?

So, early last week I predicted that...

UK Regulator swiftly resolves Android malware infection

The following text from UK regulator, PhonePayPlus illustrates:

1) The huge, huge problem with Android’s wild west marketplace

2) The potential scale that Android malware can achieve in a short amount of time

3) The reality that consumers using Android need to seriously keep their wits about them

I have been pretty direct with my opinions (mostly negative) on what I feel has been a rather lukewarm approach from PhonePayPlus in the past. I’m pleased to see firm action from them.

Here’s the overview:

A malware attack targeted at 18 countries that cost unsuspecting users £15 every time they tried to open a ‘free’ app has been cut off by PhonepayPlus, the UK’s premium rate telephone services regulator.

Sanctions imposed by the regulator’s Tribunal will see all money returned to UK consumers on top of a £50,000 fine imposed on the provider of the premium rate shortcodes that enabled the apps to fraudulently charge smartphone users.

Fake apps of popular brands including Angry Birds, Assassins Creed and Cut the Rope were posted to Android app stores. These fake apps were advertised as free but contained malicious coding (malware) that charged the phone’s account £15 every time the app was opened (usually charged through three £5 premium rate texts). The malware suppressed the sent and received text messages that notify users they have been charged. It was only when consumers received their bill that they were alerted to the fraudulent charges.

This malware attack was dubbed RuFraud by security experts and approximately 14,000 downloads of the malicious apps were made worldwide. The RuFraud attack affected 1,391 mobile numbers in the UK and £27,850 was taken before the shortcode was suspended. Due to PhonepayPlus’ and industry’s swift action in identifying the malware, ensuring that the shortcode was suspended and that the money was held and not passed on to the fraudulent app developers, none of this £27,850 of UK consumers’ money reached the fraudsters.

PhonepayPlus investigated and took action against the provider, A1 Agregator Limited, who had control of, and responsibility for, the premium rate payment system which enabled the malware to fraudulently charge consumers’ mobile phone accounts. A1 Agregator Limited was issued a fine of £50,000, ordered to make refunds directly to ALL consumers within three months, whether or not they had complained and directed to seek prior permission for a year from PhonepayPlus to run any premium rate service in the UK.

Patrick Guthrie, PhonepayPlus’ Director of Strategy and Communications said:
“We will continue to clamp down on those who wish to take advantage of UK smartphone customers. We are very pleased that the tribunal ordered that everyone affected will get their money back and that a strong fine was imposed. The digital economy is vital to the UK’s future and we will continue to take action to maintain the confidence of the public.”

PhonepayPlus recently held the first UK mobile malware summit and works closely with the police, mobile networks and antivirus companies to combat the threat to UK consumers from premium rate malware.


  1. Unfortunately PhonepayPlus did not help to prevent this happening. It was only spotted after consumer complaints and up to £50,000 damage had already been caused. The company were also not correctly registered with the regulator at the time so there have been massive failures all-round. 

    This is likely to be the tip of the iceberg as PhonepayPlus does not want to regulate directly on this as they would rather pocket the fine revenue at the moment. PhonepayPlus could mandate that prior permission is needed for all Mobile applications that have MT billing. This was (eventually) mandated for diallers but not until massive consumer harm had been caused.

  2. Slightly off topic, but why own earth did they rename ICSTIS “PhonepayPlus”? ICSTIS sounds like a regulator, PhonepayPlus sound like some mPayments offering.

  3. I may feel confident wading through the Android store should I decide to get one but, my Dad has got the touch screen bug after suffering along with a Wildfire for while and I adamant that if must be a touch screen and he does not want a Nokia then it really has to be an iPhone. I’m sorry but I just don’t feel that Google care enough right now


Please enter your comment!
Please enter your name here

Recently Published

Is it time to subscribe to a printer service from HP?

Ever since my dad brought home an HP LaserJet printer (version 3, if memory serves), I have been printing with an HP. Over the...

What’s the best way of buying a phone today?

How did you buy your latest phone? I'm asking because I'm thinking about what I should be doing. When I was living in Oman, I...

MWC: What device highlights did you miss?

So, early last week I predicted that next to nothing from Mobile World Congress would break through into the mainstream media. I was right,...

How Wireless Will Pave the Path to Neobank Profitability

I'm delighted to bring you an opinion piece from Rafa Plantier at I think it's particularly relevant given the recent eSIM news from...

An end of an era: Vodafone UK turns off 3G services

I thought it was worthwhile highlighting this one from the Vodafone UK team. For so long - for what feels like years, seeing the...

Mobile World Congress: Did the mainstream media notice?

I resolved this year to make sure I wrote something - anything - about Mobile World Congress, the huge mobile industry trade show taking...