An application which tricks user to subscribe to or purchase content via their mobile phone bill or subscribes/purchase automatically and unbeknownst to the user.
Toll fraud makes mobile subscription charges through Direct Carrier Billing(DCB), specifically WAP billing. Also there are other type of toll frauds like:
One of the most famous malware families is Joker which do toll fraud.
WAP billing is a mechanism for consumers to buy content from Wireless Application Protocol (WAP) sites that is charged directly to their mobile phone bill. It is an alternative payment mechanism to debit or credit cards and premium SMS for billing. Using WAP billing, consumers can buy mobile content without registering for a service or entering a username or password. The user clicks on a link and agrees to make a purchase, after which they can download content.
WAP billing is particularly associated with downloading mobile entertainment content like ringtones, mobile games and wallpapers. Some commentators have suggested it could compete with Premium SMS as a leading payment channel for mobile content.
The simple flow of WAP billing:
<aside> 💡 For WAP payment the user must connected to internet by mobile network and not Wi-Fi. It’s clear why.
</aside>
fun gettingSimOperator(){
val tm = context.getSystemService(Context.TELEPHONY_SERVICE) as TelephonyManager
Log.v("SimOperator", "[+] Sim Operator Code: ${tm.simOperator}")
Log.v("SimOperator", "[+] Sim Operator Name: ${tm.simOperatorName}")
Log.v("SimOperator", "[+] Network Operator Name: ${tm.networkOperatorName}")
}
The upper code returns the MCC+MNC (mobile country code + mobile network code) of the provider of the SIM.
The output:
2023-09-05 14:07:08.154 10892-10892 SimOperator lab.seczone64.commondevicechecks V [+] Sim Operator Code: 310260
2023-09-05 14:07:08.155 10892-10892 SimOperator lab.seczone64.commondevicechecks V [+] Sim Operator Name: T-Mobile
2023-09-05 14:07:08.155 10892-10892 SimOperator lab.seczone64.commondevicechecks V [+] Network Operator Name: Android
