Android Banking Malware SlemBunk Part of Well-Organized Campaign

itwbennett writes: Researchers from FireEye first documented the SlemBunk Android Trojan that targets mobile banking users in December. Once installed, it starts monitoring the processes running on the device and when it detects that a mobile banking app is launched, it displays a fake user interface on top of it to trick users into inputting their credentials. The Trojan can spoof the user interfaces of apps from at least 31 banks from across the world and two mobile payment service providers. The attack is more complicated than it appears at first glance, because the APK (Android application package) that users first download does not contain any malicious functionality, making it hard for antivirus apps and even Android's built-in app scanner to detect it.

Never

[jodido]

This is why I don't and never will have a banking app on any mobile device.

Re:Never

[ElectricHellKnight]

I do all my banking under my mattress.

Re:The fool and his money

[BarbaraHudson]

The latest versions, however, are distributed through drive-by download techniques, predominantly when visiting porn websites. Device owners are alerted that in order to view the videos on the site they need to update their Flash Player and an APK (Android application package) is offered for download.

Porn. Well, you wanted to see people getting f*cked, didn't you? Now take a selfie :-)

Re: How do you like your lack of control now?

This malware isn't from the Google play store, its from some porn site. The summary is garbage. Summary: user vists porn website, a pop up says please update flash. User clicks OK and downloads a .apk file. User has to go into options to allow side loading of apps and install the .apk he just downloaded. No shit bad stuff will happen.