The Source of All Major Android Banking Trojans Just Got Updated To V2 (softpedia.com)
An anonymous reader writes: Apparently, during the past months the fact has started coming to the surface that most top-tier Android malware was actually related, coming from a common malware variant called GM Bot, and sold for only $5,000 on underground hacking forums. Taking advantage of his newfound glory, the coder behind that malware has now released a second version, three times the price of the first, complete with 3 exploits that can guarantee root access on older versions of Android (which are plenty thanks to [ignorant] OEMs and carriers). Some of the malware that originated from GM Bot includes: SimpleLocker (first crypto-ransomware for Android), AceCard (considered the most sophisticated Android malware to date), Bankosy and SlemBunk (banking trojan and backdoor), and Mazar Bot (banking trojan, backdoor and ransomware). To make things worse, GM Bot v1's source code also got leaked online, making it available to any halfwit developer that wants a crack at a cybercrime career.
I don't really get the outrage at this. Criminals are going to commit crimes. I think the outrage would be better directed at Google for promulgating a "security-last" OS to manufacturers who, for the most part, can't be bothered with updates after a few months. When you suck at security almost infinitely more than Microsoft, that's saying something...
Who is dumb enough to do banking on something so insecure as a desktop browser? It's a sieve.
Netfilter might be too powerful for the majority of users. They would likely lock themselves down and eventually turn it off.
As for permissions, I cannot agree more. Let the app stop working when the permissions are denied but let me change them. There are a few apps I use rarely enough that currently I uninstall between uses. If I could enable or disable permissions I could just keep them on the phone. There are also some apps like the one for my blood pressure monitor that I refuse to install because it wants access to my call log, contacts, photos, and something else I cannot figure out why. I even contacted the manufacturer (Omron) asking them to explain why but got no response.
Yup... It used to be that the smartphone was more secure without Java, Flash, Acrobat, and a "trusted" cellular internet connection.
Kids used to walk to school alone too!
Not sure how much is perception and how much is a real problem in either case.