Fake Android The Interview app actually banking Trojan Malware-slingers have latched onto the torrent of publicity spawned by the controversial film The Interview by stitching together a fake Android app actually designed to swipe online banking credentials. Sony Pictures, stung by criticism that it had given into threats in the wake of a devastating hack attack against its …
I agree on that title.
On the other hand why would the app have so much power, why would give the Android OS so much power to a application. Why is there even a option to give that much power?!?! It just baffles me. I know this is properly the end user's fault because it checked off the 'do whatever you want with my phone' checkbox during installation. On the other hand Android really should ask these questions in the first place and simply deny access.
It's unclear to me from what I can find online how Android/Badaccents actually works but I think it's safe to assume that the payload is exploiting a security flaw elsewhere in Android or in the specific banking apps, rather than Google having thought it'd be smart to extend bank account details to any installed app that asks.
There's almost no information in the article as to how the malware works, so we actually have no idea what permissions the app requires, or how it extracts information from the user. So before getting hysterical about "why would the app have so much power", we ought to give that some thought. It may simply present as a fake banking app for example, which simply asks the user for their credentials and sends them on; no great power or permissions are required for that, just a user gullible enough to fall for it.
Do South Koreans even use google play?
If they do, Google has a feature where it can scan any app you manually install for malware, and prevent it's installation if it finds any, but you have to agree to this scanning the first time you install a non-market app.
Plus it's a good idea to have a security client on your phone like lookout, avast, avg, or norton. Some are free and some only cost $30 AU per year. Not that much to secure a phone that could have cost up to $1,000 and of course internet banking fraud will cost you a lot more than that.
...that the media are taken in so much as to think this might be a real story and are feeding on each other to generate the hype.
It's even more sad that so many are people are taking the hype seriously enough to actually want to see a film that has been almost universally slated by pretty much everyone who has seen it.
I'm guessing these are the same people who are "excited" by the "exciting new developments" announced daily by marketing twonks. (it's an exciting new shade of pink, two shades lighter than the previous exciting new colour and in limited production of ONLY!!!! TWENTY MILLION INDIVIDUALLY NUMBERED UNITS!!!! PRE-ORDER YOURS NOW OR BE LEFT OUT!!!!
I don't understand this either, why would someone activelly search for specific application, click to install it, in order to watch a specific film...
If these kind of people do exist then why are they allowed to actually use a phone, let alone a smart phone, unattended...
Appropriate quotation for the day:
Only two things are infinite, the universe and human stupidity, and I'm not sure about the former.
<Albert Einstein>
"I don't understand this either, why would someone activelly search for specific application, click to install it, in order to watch a specific film..."
Because the majority of users don't know how these things work. We work with this, so it is obvious to us that "Install Netflix to see the movies from its servers" if totally different from "Install this app to see a single (pirated) movie"
From the user perspective, it is the same thing: an app that plays films.
This post has been deleted by its author
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
