According to Graham Cluley, senior technology consultant with Sophos, the methodology behind mobile malware was explained by Mikko Hypponen, chief research officer with fellow IT security vendor F-Secure, at this week's Virus Bulletin conference.
Hypponen reportedly told his audience about how mobile malware is now dialling virtual premium rate numbers, a process known in telecoms terms as 'tromboning', Infosecurity notes.
Tromboning – also known as telecoms arbitrage – occurs where an international call to an expensive destination never actually makes it to the country concerned, since the call is rerouted by an intermediary telco, typically to a recorded information service.
In his security blog on the issue, Cluley says that it is now possible to locate telephone operators on the internet "who will rent you a premium phone number associated with, say, Antarctica, and pay you every time that a call is made".
And, he noted, unlike other legitimate premium rate numbers – such as 1-900 numbers in North America – there is no regulation preventing abuse of the virtual numbers, meaning that the 'owner' of the number gets paid instantly, rather than having to wait 30 days, as is the norm with 'standard' premium rate numbers.
"And your call never actually gets as far as Antarctica or North Korea. It's stopped in your own country, but you're still billed as though you rang that far away place", said Cluley.
"The days of trojan horses making money out of dial-up modem connections may be long gone, but here's a model for money-making that mobile malware authors could certainly exploit", he added.