Android Banking Malware SlemBunk Part of Well-Organized Campaign

itwbennett writes: Researchers from FireEye first documented the SlemBunk Android Trojan that targets mobile banking users in December. Once installed, it starts monitoring the processes running on the device and when it detects that a mobile banking app is launched, it displays a fake user interface on top of it to trick users into inputting their credentials. The Trojan can spoof the user interfaces of apps from at least 31 banks from across the world and two mobile payment service providers. The attack is more complicated than it appears at first glance, because the APK (Android application package) that users first download does not contain any malicious functionality, making it hard for antivirus apps and even Android's built-in app scanner to detect it.

Re:The fool and his money

[BarbaraHudson]

The latest versions, however, are distributed through drive-by download techniques, predominantly when visiting porn websites. Device owners are alerted that in order to view the videos on the site they need to update their Flash Player and an APK (Android application package) is offered for download.

Porn. Well, you wanted to see people getting f*cked, didn't you? Now take a selfie :-)

Re:Never

[ElectricHellKnight]

I do all my banking under my mattress.

Re:Never

[thegarbz]

I used to do it on my Windows 10 machine, but after advice here on Slashdot I now only do internet banking on an old vanilla Windows XP machine running IE6. I heard that Windows updates are bad, and antivirus products are worse so I have gone back to basics to keep me safe.