Slashdot Mirror

← Back to Stories (view on slashdot.org)

Malware That Fakes Bank Login Screens Found In Google Ads (fastcompany.com)

Posted by BeauHD on from the morning-coffee dept.

tedlistens quotes a report from Fast Company: For years, security firms have warned of keystroke logging malware that surreptitiously steals usernames and passwords on desktop and laptop computers. In the past year, a similar threat has begun to emerge on mobile devices: So-called overlay malware that impersonates login pages from popular apps and websites as users launch the apps, enticing them to enter their credentials to banking, social networking, and other services, which are then sent on to attackers. Such malware has even found its way onto Google's AdSense network, according to a report on Monday from Kaspersky Lab. The weapon would automatically download when users visited certain Russian news sites, without requiring users to click on the malicious advertisements. It then prompts users for administrative rights, which makes it harder for antivirus software or the user to remove it, and proceeds to steal credentials through fake login screens, and by intercepting, deleting, and sending text messages. The Kaspersky researchers call it "a gratuitous act of violence against Android users." "By simply viewing their favorite news sites over their morning coffee users can end up downloading last-browser-update.apk, a banking Trojan detected by Kaspersky Lab solutions as Trojan-Banker.AndroidOS.Svpeng.q," according to the company. "There you are, minding your own business, reading the news and BOOM! -- no additional clicks or following links required." The good news is that the issue has since been resolved, according to a Google spokeswoman. Fast Company provides more details about these types of attacks and how to stay safe in its report.

4 of 120 comments (clear)

  1. Please log in to slashdot. by Anonymous Coward · · Score: 5, Funny

    In order to view this post, please reply to it by logging into your slashdot account. Please enter your username and password in the reply box and press the "preview" and "submit" buttons.

  2. Re:And publishers complain about ad blockers by dohzer · · Score: 3, Funny

    Malvertising is the RESULT of ad-blockers.
    If some of us weren't blocking their ads they wouldn't have to stoop to stealing money from the few people who still see them.

  3. Re:Rooted android phone? This helps (w/ ADB) by Anonymous Coward · · Score: 1, Funny

    By simply viewing their favorite news sites over their morning coffee users can end up downloading last-browser-update.apk

    Yeah, right, like I'm going to trust APK to defend me against apks.

  4. Re: Boom, indeed by Anonymous Coward · · Score: 2, Funny

    A criminal would shoot you dead, take your cash, your car and your phone.

    NOT MY PHONE!! ANYTHING BUT MY PHONE!

    Captcha: horror