CallJam
NJCCIC Threat Profile
Original Release Date: 2016-09-12
CallJam targets Android OS and masquerades as a game app available in the Google Play Store. CallJam generates revenue for the attacker by making fraudulent phone calls to premium phone numbers and redirecting victims to malicious websites. This app does require the victim to grant permissions prior to conducting its malicious activity. After the victim grants permission, it first requires him or her to give the game a rating in the Google Play Store, luring the victim with the promise of additional game currency. CallJam then establishes contact with its C2 server receiving instructions to call a specific premium phone number for a set amount of time. It then places the call, generating revenue at the expense of the victim.
Reporting
- September 2016: Check Point Software Technologies Ltd. discovered CallJam bundled into the game “Gems Chests for Clash Royale” in the Google Play Store which has been downloaded between 100,000 and 500,000 times. (Check Point)
Featured Content
- Disaster Relief and Tragedy-Related Scams>
- Flaw in Cosmo DB Could Allow Access to Databases>
- Threat Actors Use Messaging Service as Phishing Lure>
- Back-to-School Cybersecurity>
- Patch Now: Active Exploitation of Microsoft Exchange ProxyShell Vulnerabilities >
- T-Mobile Breach>
- Test Your Cybersecurity Knowledge - Take Our Cyber Quiz Today>
The NJCCIC is a component organization within the New Jersey Office of Homeland Security and Preparedness. We are the State's one-stop-shop for cyber threat analysis, incident reporting, and information sharing and are committed to making New Jersey more resilient to cyber threats by spreading awareness and promoting the adoption of best practices.
View our Privacy Policy here.
View our Site Index here.