Banking malware found on Android Marketplace

Filed Under: Android, Google, Malware, Mobile

Android
An application for smartphones running the Google Android operating system has been reported to steal users' banking information.

According to a blog post from the First Tech Credit Union, an app developer called 09Droid created applications which posed as a shell for mobile banking applications, and in the process phished personal information about the users's bank accounts. The information would, presumably, have been usen for the purposes of identity theft.

SophosLabs has not yet seen a sample of the malware, which has now been removed from the Android Marketplace, and First Tech Credit Union is at pains to point out to its customers that it does not currently have an app for the Android phone.

A number of other financial institutions have also published warnings regarding the Android applications. For instance, here's a similar warning about the Android app that was published on the website of Travis Credit Union, and this is what the credit union posted on its official Facebook page:

Warning on Travis Credit Union's Facebook page

Although malware has previously emerged for jailbroken iPhones (such as the infamous Rick-rolling Ikee worm) the malicious applications have not made it onto users' iPhones via Apple's highly guarded AppStore.

The Android marketplace, however, is not as closely monitored as Apple's equivalent, and adopts a more "anything goes" philosophy. This, combined with the current buzz around new phones running Android such as the Motorola Droid and the Google Nexus One, may make the platform more attractive to cybercriminals in future.

As more and more users inevitably take advantage of smartphones to access their bank accounts in the future, the temptation for hackers to exploit systems may become greater.

, ,

You might like

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.