Fake Android Apps Conducting Carrier Billing Fraud

Fake Android applications are conducting carrier billing fraud by subscribing users to premium services without consent. These malicious apps employ WebView automation, JavaScript injection, and OTP interception techniques to bypass detection and complete unauthorized transactions. The fraud targets mobile users through deceptive applications that mimic legitimate services. No specific threat actors, affected regions, or exact financial losses were disclosed in the report. The attack vector relies on exploiting mobile carrier billing systems to charge victims directly via their phone bills.