The Source of All Major Android Banking Trojans Just Got Updated To V2

An anonymous reader writes: Apparently, during the past months it has started coming to the surface the fact that most top-tier Android malware was actually related, coming from a common malware variant called GM Bot, and sold for only $5,000 on underground hacking forums. Taking advantage of his new found glory, the coder behind that malware has now released a second version, three times the price of the first, complete with 3 exploits that can guarantee root access on older versions of Android (which are plenty thanks to [ignorant] OEMs and carriers). Some of the malware that originated from GM Bot includes: SimpleLocker (first crypto-ransomware for Android), AceCard (considered the most sophisticated Android malware to date), Bankosy and SlemBunk (banking trojan and backdoor), and Mazar Bot (banking trojan, backdoor and ransomware). To make things worse, GM Bot v1's source code also got leaked online, making it available to any halfwit developer that wants a crack at a cybercrime career.

Re:When is Google going to wake up?

[sumdumass]

Netfilter might be too powerful for the majority of users. They would likely lock themselves down and eventually turn it off.

As for permissions, I cannot agree more. Let the app stop working when the permissions are denied but let me change them. There are a few apps i use rarely enough that currently I uninstall between uses. If I could enable or disable permission i could just keep them on the phone. There are also some apps like the one for my blood pressure monitor that i refuse to install because it wants access to my call log, contacts, photos, and something else i cannot figure out why. I even contacted the manufacturer (omron) asking them to explain why but got no response.

Re:Criminals gonna crime.

[aaarrrgggh]

I think you are stating the obvious there... this is one of the fundamental flaws of the Android ecosystem.

Are we going to have to start being nutjob-paranoid and placing a dedicated browser in a virtual machine with only a single trusted certificate and using a pin-protected RSA key for every transaction?

I almost want a dumb phone and a Filofax now.

Re:Criminals gonna crime.

[Locke2005]

Hardware vendors and cell companies have zero incentive to continue to support phones they are no longer selling. Why would you even expect them to keep shipping updates for them? Yes, Google bears some of the blame for setting up the Android ecosystem this way, instead of obligating some entity with the responsibility to continue support.