Slashdot Mirror

← Back to Stories (view on slashdot.org)

3-in-1 Android Malware Acts As Ransomware, Banking Trojan and Info Thief

Posted by timothy on from the now-how-much-would-you-pay? dept.

An anonymous reader writes: Why stop at asking ransom for encrypted files when you can also steal personal info, passwords, online banking credentials and credit card details, and sell it or use it to get even more money? Palo Alto researchers have recently analyzed Xbot, a Trojan that is capable of doing all the aforementioned things, and have found it mimicking 22 different Android apps.

6 of 25 comments (clear)

  1. Hah. by toonces33 · · Score: 5, Informative

    Good grief:

    The malware does encrypt files, but it does so by simply XORing each byte in all files by the fixed integer number 50. That means that the malware’s claims that the files can’t be decrypted without paying the ransom and receiving the decryption key is not true.

    1. Re:Hah. by inasity_rules · · Score: 2, Funny

      Stop reading tfa... What is this 1999?

      --
      I have determined that my sig is indeterminate.
    2. Re:Hah. by gstoddart · · Score: 2

      Really, you expect honesty from malware writers? :-P

      --
      Lost at C:>. Found at C.
  2. Plus ça change.... by Bearhouse · · Score: 3, Insightful

    The actual article is here:

    http://researchcenter.paloalto...

  3. Banking info by Anonymous Coward · · Score: 5, Insightful

    If it steals banking info, it should automatically log in to your bank and pay the ransom itself.

  4. Re:Why do people use Android? by gstoddart · · Score: 2

    I doubt anyone would be dumb enough to fall for this

    Yeah, about that:

    "No one ever went broke underestimating the intelligence of the American public."

    Turn that to "general public", and you see where we're at.

    These things work because people do fall for them.

    --
    Lost at C:>. Found at C.