Slashdot Mirror
Sophisticated Bribe Scheme Gets Malware Onto Chinese Antivirus Whitelist
An anonymous reader writes "Malware operators have bribed employees of a gaming company to bundle malware with their mobile apps." Because the app-maker reportedly had a good-faith agreement with China's biggest antivirus company, the apps were apparently whitelisted without a thorough check, according to Softpedia. They cite a report from Check Point which describes how attackers would later pretend to be shoppers on a popular Chinese site where pictures of the desired items are sent to sellers. "The seller would open the picture on a PC and become infected," writes Check Point, "because the Trojan would not be detected," and a subsequent request for a refund would deliver the login credentials for the seller's payment account.
"This example illustrates how important it is to avoid third-party stores and to instead at least rely on stores with more reliable security," argues Check Point. "But even still, stores like the App Store and Google Play aren't immune to threats."
"This example illustrates how important it is to avoid third-party stores and to instead at least rely on stores with more reliable security," argues Check Point. "But even still, stores like the App Store and Google Play aren't immune to threats."
Please don't lump in F-Droid with all the calls to avoid 3rd party app stores.
I deny that I have not avoided attaining the opposite of that which I do not want.
Even after reading TFA, this example DOES NOT illustrate how important it is to avoid third-party stores.