Technology

Vulnerability in fully patched Android phones under active attack by bank thieves

Vulnerability in fully patched Android phones under active attack by bank thieves

Enlarge (credit: portal gda / flickr)

A vulnerability in millions of fully-patched Android phones is being actively exploited by malware that’s designed to drain the bank accounts of infected users, researchers said on Monday.

The vulnerability allows malicious apps to masquerade as legitimate apps that targets have already installed and come to trust, researchers from security firm Promon reported in a post. Running under the guise of trusted apps already installed, the malicious apps can then request permissions to carry out sensitive tasks, such as recording audio or video, taking photos, reading text messages or phishing login credentials. Targets who click yes to the request are then compromised.

Researchers with Lookout, a mobile security provider and a Promon partner, reported last week that they found 36 apps exploiting the spoofing vulnerability. The malicious apps included variants of the BankBot banking trojan. BankBot has been active since 2017, and apps from the malware family have been caught repeatedly infiltrating the Google Play Market.

Read 10 remaining paragraphs | Comments

Source link

قالب وردپرس

Related posts

Sources: Adobe will preview Illustrator for iPad at its Max conference in November before launching it in 2020 (Bloomberg)

MasMaz

It is getting harder than ever for VPNs to break through the Great Firewall of China

MasMaz

Dear Hollywood, here are 5 female founders to showcase instead of Elizabeth Holmes

MasMaz