Devil targets banks in Google Play store

By

Legit developer accounts sold to malware writer.

Malware tailored to steal SMS verification tokens from major Australian and kiwi banks is circulating on Google's App store from fraudulent developer accounts.

Devil targets banks in Google Play store

The bot could be purchased from underground websites and used to target the likes of the Commonwealth Bank, Westpac and NAB along with New Zealand organisations HSBC, Kiwibank and ANZ.

Perkele, meaning devil in Finnish, was used in tandem with PC web application malware, Krebsonsecurrity reported.

Attackers would serve victims a phishing site targeting a nominated bank which would direct them to download the booby-trapped mobile application masquerading as a security verification service.

The app would intercept SMS messages sent by banks to customers to confirm transactions, allowing the fraudsters to empty accounts.

To get the malicious apps on the Google Play store, Perkele's developer was offering to snap up verified accounts for $100 a pop, four times the retail cost.

Those accounts were previously verified by Google to be linked to legitimate applications and domains, allowing the attackers to post their wares to the store.

Attackers could spend $1000 to target a single bank and up to $15,000 to attack any of those supported.

Perkele was not as sophisticated as other bank-targeting malware, but illustrates the types of attacks banks face as more users transact using smartphones.

NAB's head of major crime incident resolution services Grant Baxter said it processes half a million account logins from mobile devices and serves some 10 million transactions each day.

Got a news tip for our journalists? Share it with us anonymously here.

Copyright © SC Magazine, Australia

Tags:

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers

Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies

Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames

Victoria's Secret pulls down website amid security incident

Victoria's Secret pulls down website amid security incident

Log In

  |  Forgot your password?